General Electric is looking into allegations that a threat actor broke into the business’s development environment through a cyberattack and released data that was purportedly stolen.
The power, renewable energy, and aerospace industries are the divisions of the American multinational corporation General Electric (GE).
An attempt was made earlier this month on a hacking forum by a threat actor going by the name IntelBroker to sell access to General Electric’s “development and software pipelines” for $500.
The threat actor then re-posted claiming to be selling both the network access and purportedly stolen data, having previously stated they were not selling the alleged access.
“I put up the access to General Electrics earlier, but no real buyers have gotten back to me or followed up. The threat actor wrote, “I am now selling the whole thing here separately, including access (SSH, SVN, etc.),” in a post on a hacker forum.
“Data includes a lot of DARPA-related military information, files, SQL files, documents, etc.”
The threat actor released screenshots of what they say are stolen GE data as evidence of the breach, including a database from GE Aviation that seems to contain details on military projects.
GE acknowledged reading the hacker’s claims in a statement to BleepingComputer and said they are looking into the purported data leak.
Names, dates of birth, addresses, phone numbers, email addresses, Social Security numbers, and other sensitive information were among the personal details of about 170,000 people, according to a sample of the stolen data.
The group says it has military data, SQL data, and documents related to DARPA.
A congressional hearing was held to further investigate the incident as a result of the breach.
We are looking into allegations made about GE data by a bad actor that we are aware of. A GE spokesperson told BleepingComputer, “We will take the necessary steps to help protect the integrity of our systems.
IntelBroker is a hacker with a history of successful, well-publicized cyberattacks, though the breach has yet to be verified.
This includes a breach involving the Web! grocery service and the theft of private data from the D.C. Health Link program in the District of Columbia.
Washington, D.C.’s DC Health Link is a healthcare marketplace that many House and White House employees, as well as their families, use.
IntelBroker allegedly sold a stolen database that contained thousands of people’s personal information after breaking into DC Health Link in March.
Widespread media coverage of the breach resulted in a congressional hearing to explore the breach’s cause and circumstances.
The District of Columbia Health Benefit Exchange Authority’s Executive Director, Mila Kofman, stated during the hearing that the data was made available online due to a server that was improperly configured.
General Electric which was founded in 1892, has grown into a multinational industrial behemoth. This business is well-known for its wide range of products and services in several sectors, including renewable energy, electricity, healthcare, and aviation. GE’s aerospace division is well known throughout the world for creating state-of-the-art aircraft engines that have greatly improved air travel.