Check Point plays down impact of alleged breach

Check Point has reassured its customers after a hacker claimed to have obtained some of the company’s valuable data. The information in question was said to have been collected over a long period of time without infiltrating the security company’s internal systems.

A hacker who goes by the name Corelinjection claims to have stolen information from Check Point and is offering it for sale for 5 bitcoin (currently about 400,000 euros). The threat was spread via BreachForums, where the hacker claimed to have access to login details, source code, employee contact details, project documentation and other sensitive data.

Misleading information

Check Point, however, is adamant that there has been no systems breach. According to the company, the information was probably collected by so-called infostealer malware that was placed on individual users’ devices. It is a common method of stealing login details.

Check Point suggests that the hacker is deliberately spreading misleading information by using a well-known incident from the past. This makes it sound as if a new infiltration has taken place, but this does not appear to be the case.

The data on offer has been investigated by Check Point before and labeled as “irrelevant.” One of the screenshots shown as evidence even contains a completely forged email: “Anyone can see that this is a fake email,” says Check Point. It explains that the email message comes from a non-existent Check Point account and allegedly describes a breach that never took place. To top it all off, the name Check Point is misspelled.

Not the first false claim

Widely publicized claims of hacks are often true. However, even some widely reported breaches end up being fakes. Early this year, for example, Atos debunked similar claims made by the hacker group Space Bears. The French IT company concluded that its IT infrastructure had not been breached. As a result, no access was gained to the source code or company data.

Hackers often target companies like Check Point because of their important position as security providers. A successful attack on such a party would not only be harmful to the affected company, but could also lead to secondary attacks on their customers. Given the far-reaching access that security companies need to resolve incidents, there is a significant chance that a successful infiltration will yield other valuable information for cyber attackers.

Check Point itself is also busy plugging holes. For example, it entered into a partnership with cloud security firm Wiz, which has since been acquired by Google’s parent company Alphabet for 32 billion dollars.