Check Point Contest Hacker's Allegations Of Breach.
The Security Provider Responds That All Of The Data Was Obtained Over Time By Focusing On Certain People Rather Than Directly From It's Systems.
Customer's are being reassured by Check Point that there was no Breach, even though a hacker claimed to have stolen data from the security provider, the threat actor, known as Corelinjection, advertized on Breach forums that they were asking 5 Bitcoin, or about $430,000, for data that they claimed to have stolen from check point.
According to Corelinjection, the stolen data included binaries, project documents, employee contact information, credentials, source code, and more. To demonstrate that they had access to the cyber security company's systems, the hacker also shared screenshots in their forum post. Since then, Check Point has released a statement claiming that none of the data in the post was stolen from the company.
" All of it was probably collected overtime by infostealers on individuals'devices, just like on any attempt to steal accounts' credentials," the business said. According to the vendor, the hacker is purposefully and falsely disseminating misleading information by using a known historical event to falsely suggest that there is a present Breach.
It appears that the company has "Known" about the data for a while, looked into it, and "found irrelevant." A purported email from the Check Point is included in one of the screenshots in the Breach forums thread. "Anyone can see this is a Fake Email," according to the business, "from a non existent check Point account, describing a Breach which never occurred, violating privacy practices, using emails taken from the email bulk described above, while even misspelling check Point's name."
