- A hacker claims to be selling stolen data from Check Point
- The security firm says that the data comes from an old violation that has been treated
- But some security experts are not convinced by this explanation
A hacker claims to have stolen a “highly sensitive” data set from Check Point, but the company is looking to tear down any concerns that users may have.
The cybercriminal, with the name of choreinjection, published on the data set of the control point files compromised in a forum of cyber crimes, and alleges that the information contains user credentials, information from employee contracts and internal network maps, among other things.
A Check Point spokesman said Techradar Pro that “they would not really call it a rape”, and added that this was “an account with limited access in a portal.” The firm’s statement ensures that this is an “old and very identified event”, which only involved some organizations, and “does not include the systems, production or customer security architecture.”
“If this is completely false, I would be surprised”
However, concerns have been raised in the cyber security industry, with Hudson Rock Cto, Alon Gal, saying that there is a “high certainty” that the control point has been pirate, with a threat actor that seems to have “won access to an administrator account with serious privileges.”
While the researcher argues that he would be surprised, he also explains that the violation “is not yet officially confirmed.”
In the official response of Check Point, he confirmed that a violation occurred, but that this was a long time ago, and that the hacker only recycles ancient information that “implies exaggerated statements that never happened.”
“This was handled months ago, and did not include the detailed description in this message. These organizations were updated and managed at that time, and this is nothing more than the regular recycling of the previous information. We believe that at no time there was a safety risk for the control point, its clients or employees,” the spokesman told US.
In 2024, computer pirates were attacked by computer pirates to obtain access to corporate networks, although these attempts were not successful, and the control point outlined a simple and easy solution.
Through the registration
