Zscaler has completed its investigation into the recent hacking claims and found that only an isolated test environment was impacted.
On May 8, a hacker known as IntelBroker offered to sell access to the systems of one of the largest cybersecurity companies, which he did not immediately name. The black hat offered to sell credentials, passkeys and certificates for a total price of $20,000 in cryptocurrency.
He separately confirmed that the target was Zscaler and later claimed that the data had been sold. After the sale of the data was announced, IntelBroker posted several screenshots showing that Zscaler was the victim, as well as some of the compromised credentials.
Zscaler immediately launched an investigation and determined that the breach did not impact customer, production or corporate environments. It quickly found an internet-exposed test environment, but did not specifically say whether that was the hacker’s target.
Outside incident response experts were also called in to conduct an investigation.
Early on Tuesday, May 14, Zscaler announced completing its investigation and confirmed that the test environment was indeed impacted.
“The impact was limited to an isolated single server test environment (without customer data) not hosted on Zscaler infrastructure,” Zscaler said. “The independent third-party IR investigation, which conducted forensic analysis of the incident, is also complete, and the third-party findings are consistent with those of Zscaler.”
IntelBroker has been offering to sell data allegedly stolen from government organizations and high-profile companies since at least late 2022. One of his most recent victims is Europol, from which the hacker claimed to have stolen classified information.
Europol is investigating the incident, but it appears that only a law enforcement information sharing platform was impacted.
While in many cases the organizations targeted by IntelBroker have confirmed a data breach, the hacker’s claims often seem exaggerated.
*updated wording describing impact
Related: Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums
Related: Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware
Related: List Containing Millions of Credentials Distributed on Hacking Forum, but Passwords Old
