GE

General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data.

General Electric (GE) is an American multinational company with divisions in power, renewable energy, and aerospace industries.

Earlier this month, a threat actor named IntelBroker attempted to sell access to General Electric's "development and software pipelines" for $500 on a hacking forum.

After not selling said alleged access, the threat actor posted again that they are now selling both the network access and allegedly stolen data.

"I previously listed the access to General Electrics, however, no serious buyers have actually responded to me or followed up. I am now selling the entire thing here separately, including access (SSH, SVN etc)," the threat actor posted to a hacking forum.

"Data includes a lot of DARPA-related military information, files, SQL files, documents etc."

IntelBroker selling alleged GE data and acess on a hacking forum
IntelBroker selling alleged GE data and acess on a hacking forum
Source: BleepingComputer

As proof of the breach, the threat actor shared screenshots of what they claim is stolen GE data, including a database from GE Aviations that appears to contain information on military projects.

In a statement to BleepingComputer, GE confirmed they are aware of the hacker's claims and are investigating the alleged data leak.

"We are aware of claims made by a bad actor regarding GE data and are investigating these claims. We will take appropriate measures to help protect the integrity of our systems," a GE Spokesperson told BleepingComputer.

While the breach has not been confirmed, IntelBroker is a hacker known for successful, high-profile cyberattacks in the past.

This includes a Weee! grocery service breach and the theft of sensitive personal information from the District of Columbia's D.C. Health Link program.

DC Health Link is a healthcare marketplace for Washington, D.C., used by many White House and House staffers and their families.

In March, IntelBroker breached DC Health Link and claimed to have sold a stolen database containing the personal information of thousands of people.

This breach led to wide media coverage and a congressional hearing to learn more about and investigate how the breach occurred.

During the hearing, Mila Kofman, Executive Director of the District of Columbia Health Benefit Exchange Authority, explained that the data was exposed through a server that was misconfigured so that it was accessible online.

Related Articles:

AMD investigates breach after data for sale on hacking forum

Cooler Master confirms customer info stolen in data breach

Advance Auto Parts confirms data breach exposed employee information

Keytronic confirms data breach after ransomware gang leaks stolen files

DocGo discloses cyberattack after hackers steal patient health data