General Electric is investigating allegations that an attacker breached the company’s development environment via a cyberattack and exfiltrated allegedly stolen data.

General Electric (GE) is an American multinational corporation with divisions in the energy, renewable energy, and aerospace industries. Earlier this month, an attacker named IntelBroker attempted to sell access to General Electric’s “development and software pipelines” for $500 on a hacker forum.

Having failed to sell the alleged access in question, the attacker reposted that he now sold both the network access and the allegedly stolen data.

“I have requested access to General Electrics in the past, but no serious buyers have responded or contacted me. I now sell everything separately here, including access (SSH, SVN, etc.),” ​​the threat writer wrote on the hacker forum.

“The data contains a lot of military information, files, SQL files, documents, etc. related to DARPA.”

As evidence of the breach, the attacker shared screenshots of what he claimed was stolen GE data, including a GE Aviation database that appeared to contain information related to military projects. In a statement to BleepingComputer, GE confirmed that they were aware of the hacker’s allegations and were investigating the alleged data breach.

“We are aware of attackers’ claims regarding GE data and are investigating these claims. “We will take appropriate action to help protect the integrity of our systems,” a GE spokesperson told BleepingComputer.

Although the attack is unconfirmed, IntelBroker is a hacker known for successful high-profile cyberattacks in the past. This includes Weee! misuse of product services and theft of confidential personal information from the District of Columbia Health Connection program.

DC Health Link is a healthcare marketplace based in Washington, DC, used by many White House and House staff and their families. In March, IntelBroker hacked DC Health Link and said it sold a stolen database containing thousands of people’s personal information.

The breach sparked widespread media coverage and congressional hearings to learn more about how the breach occurred. During the hearing, Mila Coffman, executive director of the D.C. Office of Health Benefits Exchange, explained that the data was exposed through a server that was not properly configured to be accessible online. Source