General Electric is investigating claims that attackers infiltrated the company’s development environment in a cyberattack and leaked allegedly stolen data.
General Electric (GE) is an American multinational corporation with divisions in the power, renewable energy, and aerospace industries.
Earlier this month, a threat actor named IntelBroker attempted to sell access to General Electric’s “development and software pipeline” for $500 on a hacking forum.
After not selling the alleged access, the attackers reposted that they were now selling both the network access and the allegedly stolen data.
“I previously listed access to General Electric, but no real serious buyer responded or followed up with me. I currently have access (SSH, SVN, etc.) I am selling the whole thing individually here,” the attacker posted on one site. Hacking forum.
“The data includes a large amount of DARPA-related military information, files, SQL files, documents, etc.”
As evidence of the breach, the attackers shared screenshots of what they claim is stolen GE data, including a GE Aviations database that appears to contain information about military projects.
GE confirmed in a statement to BleepingComputer that it is aware of the hackers’ claims and is investigating the alleged data breach.
“We are aware of claims made by malicious parties regarding GE data and are investigating these claims. We will take appropriate steps to protect the integrity of our systems,” a GE spokesperson said. a representative told Bleeping Computer.
Although no breaches have been confirmed, IntelBroker is a hacker known for pulling off high-profile cyberattacks in the past.
This includes Weee! grocery store service violations and theft of sensitive personal information from his DC Health Link program in the District of Columbia;
DC Health Link is Washington, DC’s healthcare marketplace used by many White House and House of Representatives staff and their families.
In March, IntelBroker infiltrated DC Health Link and claimed to have sold a stolen database containing the personal information of thousands of people.
The breach was widely reported in the media and Congressional hearings were held to learn more and investigate how the breach occurred.
During the hearing, Mila Coffman, executive director of the District of Columbia Health Benefits Exchange, said: explained The data was exposed through a server that was incorrectly configured to be accessible online.