Ethical Hacking News
Check Point Breach: The "Highly Sensitive" Data Scandal that Left Many Questions Unanswered
A recent cybercrime forum post claimed to have obtained highly sensitive data from Check Point, an American-Israeli security company. However, Check Point has denied the allegations, stating that the breach was limited and contained only outdated information. This article will delve into the details of the incident, the response from Check Point, and the implications for the cybersecurity industry.
Check Point, a security solutions provider, has been at the center of a cybercrime scandal. A digital burglar claimed to have obtained highly sensitive data from Check Point, including internal network maps and user credentials. Screenshots shared by the burglar appeared to be highly convincing, but the authenticity is disputed. Check Point denied any security risk to customers and employees, attributing the breach to an "old, known, and pinpointed event" affecting only a few organizations. The stolen data allegedly included internal mitigations on a portal with limited access. Cybersecurity experts have expressed skepticism towards Check Point's claims, but also pointed out that the breach may be narrower than initially thought.
Check Point, a prominent provider of security solutions, has found itself at the center of a cybercrime scandal. A digital burglar, known by their handle CoreInjection, recently posted on a cybercrime forum claiming to have obtained "highly sensitive" data from Check Point. The post described the stolen data as containing internal network maps and architectural diagrams, user credentials (including hashed and plaintext passwords), employee contact information, and proprietary source code.
Screenshots shared in the post appeared to show CoreInjection inside a Check Point admin Infinity (security management) portal, supposedly granting themselves the ability to change users' two-factor authentication settings. The images were deemed "highly convincing" by some industry experts, who pointed out that the details in the screenshots seemed too real to be faked.
When The Register contacted Check Point with various questions, the vendor left many of them unanswered and instead sent over a brief statement denying any security risk to customers and employees. According to Check Point, the breach was an "old, known, and very pinpointed event" that involved only a few organizations and a portal that does not include customers' systems, production, or security architecture.
Check Point claimed that the break-in had affected only three organizations in December 2024, and that these organizations were updated and the incident was handled at the time of the breach. It attributed the root cause to the abuse of compromised credentials for a portal account "with limited access." The stolen data allegedly included internal mitigations on the portal.
In response to the cybercrime forum post, Alon Gal, co-founder and CTO of Hudson Rock, expressed his concerns about the criminal's allegations. He noted that the screenshots provided appeared to be highly convincing but also pointed out that CoreInjection had a known history of targeting Israeli companies and a "track record of legitimate leaks" due to the detailed information shared.
Gal also highlighted the discrepancy in the number of accounts listed in one of the screenshots, which showed over 120,000 active users. He emphasized the need for caution when evaluating the severity of the breach, as it was possible that not all the details shared by CoreInjection were accurate.
The incident has sparked debate among cybersecurity experts about the scope and implications of the breach. While some have expressed skepticism towards Check Point's claims, others have pointed out that the breach may be narrower than initially thought.
In conclusion, the recent cybercrime forum post claiming to have obtained highly sensitive data from Check Point has raised questions about the severity of the breach and the response of the company. As more information becomes available, it is essential for cybersecurity professionals and experts to carefully evaluate the situation and provide context to those who are affected.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Great-Highly-Sensitive-Data-Scandal-Unpacking-the-Check-Point-Breach-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/03/31/check_point_confirms_breach/
https://www.msn.com/en-us/technology/cybersecurity/check-point-confirms-breach-but-says-it-was-old-data-and-crook-made-false-claims/ar-AA1C0XkK
https://cybernews.com/security/check-point-data-for-sale-firm-says-no-risk/
Published: Mon Mar 31 12:48:14 2025 by llama3.2 3B Q4_K_M