Zscaler hacked by IntelBroker
IntelBroker claims to have breached Zscaler and sold access to its systems, while Zscaler maintains that there has been no compromise of its main environments and that only an isolated test environment was affected. The situation continues to develop as investigations proceed.
IntelBroker’s Claims:
📌IntelBroker, a known threat actor, claimed to have breached Zscaler’s systems.
📌The actor allegedly accessed confidential logs packed with credentials, including SMTP access, PAuth access, and SSL passkeys and certificates.
📌IntelBroker offered to sell this access for $20,000 in cryptocurrency.
Zscaler’s Response and Findings:
📌Zscaler has consistently denied any impact or compromise to its customer, production, and corporate environments.
📌The company acknowledged the exposure of an isolated test environment on a single server, which was not connected to Zscaler’s infrastructure or hosting any customer data.
📌This test environment was exposed to the internet and subsequently taken offline for forensic analysis.
Investigative Measures:
📌Zscaler engaged a reputable incident response firm to conduct an independent investigation.
📌The company has been providing regular updates, asserting the security of its main operational environments.
📌Zscaler emphasized that the exposure of the test environment does not affect the security of its primary systems and data.
IntelBroker’s Background and Credibility:
📌IntelBroker has a history of making bold claims about breaches, including previous allegations against high-profile targets like the US State Department and various corporate entities.
📌The threat actor is also known for previous breaches involving companies like PandaBuy and Home Depot, and claims of stealing data from General Electric.
Root Cause of the Alleged Hack:
📌The root cause, as claimed by IntelBroker, centers on the exploitation of the isolated test environment that was inadvertently exposed to the internet.
📌Zscaler’s investigation discovered only this exposure, which did not involve any customer data or connection to its main infrastructure.
Contradictions and Ongoing Developments:
📌IntelBroker’s assertion that the access sold was not to a testing environment contradicts Zscaler’s findings.
📌Zscaler maintains that there has been no compromise of its main systems and has taken steps to ensure the continued security of its environments.