{
	"id": "cc572143-056e-4201-92bd-6ec02d42288d",
	"created_at": "2026-04-06T00:16:25.210886Z",
	"updated_at": "2026-04-10T13:11:43.654563Z",
	"deleted_at": null,
	"sha1_hash": "1fe766f22d9187e0a018858d43d7a08491134f42",
	"title": "Cybersecurity Firm Hacked: Sensitive Data on Sale",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 297665,
	"plain_text": "Cybersecurity Firm Hacked: Sensitive Data on Sale\r\nBy ddos\r\nPublished: 2024-05-09 · Archived: 2026-04-05 16:10:01 UTC\r\nRecently, reports have emerged about a significant cyber incident. A hacker, known by the alias “IntelBroker,”\r\nclaims to have breached the systems of one of the world’s leading cybersecurity companies, which boasts an\r\nannual revenue of $1.8 billion.\r\nIntelBroker posted an offer on the notorious cybercriminal forum BreachForums, proposing to sell access to\r\nsensitive data and systems of the affected company for $20,000 in the cryptocurrency Monero (XMR). The name\r\nof the afflicted company has not been disclosed by the hacker, presumably to prevent it from implementing\r\nprotective measures before the data is sold.\r\nhttps://meterpreter.org/cybersecurity-firm-hacked-sensitive-data-on-sale/\r\nPage 1 of 2\n\nAmong the stolen information, according to the hacker, are SSL keys, access to the Simple Mail Transfer Protocol\r\n(SMTP), confidential logs containing credentials, and access to Pointer Auth Authentication, which may pertain to\r\nARM Pointer authentication.\r\nThe hacker has stated that additional details will be provided only after contact with potential buyers and has\r\nagreed to use an intermediary or escrow service for the transaction. Furthermore, IntelBroker requires buyers to\r\nverify their funds and limits sales exclusively to highly reputable members of the forum.\r\nSince first appearing in the hacking community in October 2022, IntelBroker has been involved in several high-profile data breaches, including those affecting DC Health Link, General Electric, Hewlett Packard Enterprise,\r\nLos Angeles International Airport, and the American contracting company Acuity. Consequently, the\r\ncybercriminal has gained a somewhat positive reputation on hacking forums, lending some credence to his claims.\r\nThe incident highlights the potential vulnerability of even the most secure cybersecurity systems. If the breach is\r\nconfirmed, the implications could be significant not only for the company involved but also for its clients and the\r\ncybersecurity industry as a whole.\r\nZscaler, which seemingly fits the description provided by IntelBroker, has already initiated an investigation to\r\ndetermine if its systems have been compromised. According to the company’s security updates page, preliminary\r\nfindings revealed an isolated environment on one of its servers, which “was not hosted on Zscaler infrastructure\r\nand had no connectivity to Zscaler’s environments” but was nonetheless accessible from the internet. “The test\r\nenvironment was taken offline for forensic analysis.”\r\nAs of the morning of May 9th, the company assures its clients that there has been no impact on its customers,\r\nproduction, or corporate environments. Nevertheless, Zscaler has engaged an external incident response\r\norganization to conduct its independent investigation.\r\nIt remains unclear whether IntelBroker was indeed referring to Zscaler when announcing the sale of access, or if it\r\nis merely a coincidence that the company discovered “an isolated test environment on a single server (without any\r\ncustomer data) which was exposed to the internet.” More dramatic developments related to this story are likely to\r\nemerge, and we will certainly report on them.\r\nPost navigation\r\nSource: https://meterpreter.org/cybersecurity-firm-hacked-sensitive-data-on-sale/\r\nhttps://meterpreter.org/cybersecurity-firm-hacked-sensitive-data-on-sale/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MISPGALAXY",
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://meterpreter.org/cybersecurity-firm-hacked-sensitive-data-on-sale/"
	],
	"report_names": [
		"cybersecurity-firm-hacked-sensitive-data-on-sale"
	],
	"threat_actors": [
		{
			"id": "0263e1e1-4568-410a-a5e4-6932db1d40da",
			"created_at": "2024-06-26T02:00:04.854969Z",
			"updated_at": "2026-04-10T02:00:03.667295Z",
			"deleted_at": null,
			"main_name": "IntelBroker",
			"aliases": [],
			"source_name": "MISPGALAXY:IntelBroker",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434585,
	"ts_updated_at": 1775826703,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/1fe766f22d9187e0a018858d43d7a08491134f42.pdf",
		"text": "https://archive.orkl.eu/1fe766f22d9187e0a018858d43d7a08491134f42.txt",
		"img": "https://archive.orkl.eu/1fe766f22d9187e0a018858d43d7a08491134f42.jpg"
	}
}