Check Point Breach: A ‘Highly Targeted Incident’

Check Point, an Israeli cybersecurity firm, has denied claims made by hackers on BreachForums regarding a successful cyberattack that allegedly resulted in the theft of “highly sensitive” corporate data. The hackers, operating under the alias “CoreInjection,” have reportedly put up for sale items such as internal network diagrams, user credentials, and proprietary source code, demanding a price of five Bitcoins, approximately valued at $413,000.

In response, Check Point spokesperson Gil Messing stated that the event referred to by the hackers was a previously identified, isolated incident that impacted a limited number of organizations, none of which included customer systems or critical security architectures. Messing further emphasized that their investigation, conducted months ago, concluded no security threats or risks to customers or employees originated from the alleged breach.

Amidst claims of stolen data, the hackers shared screenshots purportedly from Check Point’s cloud-based security management system, Check Point Infinity Portal. Even so, Messing indicated that these images do not substantiate the claims made by CoreInjection, asserting they only displayed a list of customers and their utilized products, with no evidence of unauthorized access to sensitive systems.

CoreInjection’s user activity on BreachForums appears to date back to January, and the individual behind the alias is also alleged to have targeted other notable Israeli businesses, indicating a broader trend of cyber threats against the country’s tech sector. Some BreachForums members expressed doubts about the credibility of CoreInjection’s assertions, questioning the legitimacy of the data and requesting further evidence.

Adding complexity to the situation, Along Gal, a co-founder of cybercrime monitoring firm Hudson Rock, has expressed confidence that a breach at Check Point has indeed occurred. This claim underscores the ongoing uncertainty surrounding the incident and highlights the difficulty cybersecurity professionals face in assessing the truth of breach allegations in real-time.

Check Point’s recent leadership change—their first since the company’s founding in 1993—could also play a role in their public relations approach following this event. Nadav Zafrir took the helm in December, succeeding co-founder Gil Shwed, who transitioned to an executive chairman role on the board.

In August, Check Point announced their acquisition of Cyberint Technologies, aimed at addressing emerging risks such as stolen credentials and the proliferation of fake websites. Cyberint CEO Yochai Corem previously remarked that over 90% of organizations are grappling with threats from leaked credentials and malicious scams, emphasizing the volatility in today’s cybersecurity landscape.