ZScaler investigates the data breach claim
Share this:
Zscaler has removed an internet-exposed test environment without any customer data following rumors that it was the company claimed to have been compromised by IntelBroker.
In a statement, ZScaler said that the test environment was not hosted on Zscaler infrastructure and had no connectivity to Zscaler’s environments. The test environment was taken offline for forensic analysis and initially disclosed that there was no indication of any customer or production environment breach in response to the rumors.
IntelBroker revealed in the darkweb forum that it is selling access to sensitive and confidential logs, SSL passkeys, SSL certificates, PAuth Pointer Auth Access, and SMTP Access, from an unnamed cybersecurity firm with $1.8 billion in revenue, with the actor later claiming in a shoutbox within the forum that the company had been Zscaler.
In the recent past, IntelBroker claimed to have stolen the US State Department and other government data from tech firm Acuity. The company confirmed a breach but said only non-sensitive, old information was compromised.
IntelBroker has been making claims about obtaining US government data for more than a year. In several cases, the data has been confirmed to come from third-party service providers, but in some instances, the data was allegedly obtained directly from government systems. However, some of the hacker’s claims seemed false or exaggerated.
