DARPA Investigates data breach

General Electric Probes Security Breach as Hackers Sell DARPA-Related Access

According to the threat actor, the data includes “a lot of DARPA-related military information.”

The security breach was announced by IntelBroker, a threat actor mostly known for data breaches against delivery and logistics companies.

A notorious hacker using the alias ‘IntelBroker’ wants to sell data apparently stolen from renowned US-based multinational corporation General Electric (GE). The hacker is marketing the data on the notorious Breach Forums.

As seen by Hackread.com, the group is claiming to have breached GE’s security and accessed data on the confidential military projects the company was working on. A member of the group is now trying to sell GE’s network access for $500 and sensitive data from DARPA, the US government’s defence R&D agency.

For your information, GE was founded around a century ago by Thomas Edison. Today, it boasts a diverse portfolio covering renewable energy, health care, and aerospace.

IntelBroker posted screenshots on X (formerly Twitter) that indicate that the threat actor is actively marketing the stolen data on popular marketplaces on the Clear and Dark Web. The hacker has shared the following information in the listing:

“I previously listed access to General Electrics, but no serious buyers have actually responded to me or followed up. I am now selling the entire thing here separately, including access (SSH, SVN etc.).”

Regarding the data, the seller boasted that it comprises “a lot of DARPA-related military information, files, SQL files, documents etc.”

What the hacker posted on Breach Forums (Screenshot: Hackread.com)

In their post on the hacker forum, the threat actor wrote that they first tried to sell alleged SSH and SVN access to the company’s networks but couldn’t find suitable buyers. They are now re-attempting to sell the data to whoever wants to pay for it.

The data samples they have shared on the forum include SQL database files, aviation systems’ technical descriptions/guides, maintenance reports, and military documents.

Though Hackread.com could not verify the authenticity of the data, considering the hacker’s record, the claim seems credible. The same threat actor had breached the personal information of 170,000 individuals. They offered to sell it on the Dark Web after hacking the DC Health Benefit Exchange Authority (HBX) health insurance marketplace, DC Health Link, in March 2023.

GE is investigating the current breach and will soon release an official statement to share its findings.

It is worth noting that GE has been a victim of data breaches before. In 2020, the company lost employee data after a third-party provider, Canon Business Process Services, got hacked. In early 2023, an ex-employee of GE, Xiaoqing Zheng, who worked at GE Power’s Schenectady plant, received a two-year sentence for conspiring to steal aviation trade secrets and sharing them with China.

For your information, the GE data is being sold on Breach Forums, the same forum where, just a couple of weeks ago, another threat actor leaked a scraped LinkedIn database containing 35 million users’ data. Last week, the same forum witnessed the leak of a database containing the personal data of thousands of employees of the Idaho National Lab.

On the other hand, IntelBroker is recognized for targeted cyber attacks against delivery services and logistics companies. This threat actor had previously breached the US-based online grocery delivery platform, Weee!, leading to the leak of data from 1.1 million customers online.
