Check Point, an Israeli cybersecurity firm, has responded to claims made by a hacker known as “CoreInjection” who alleged to have breached the company’s systems and stolen sensitive data. The hacker posted on a cybercrime forum, offering to sell the supposedly stolen information for 5 Bitcoin, equivalent to around $430,000. In the forum post, CoreInjection claimed to have accessed internal project documentation, user credentials, network maps, source code, and employee contact details.
The hacker provided screenshots as proof of their access to Check Point’s systems. However, Check Point has denied the severity of the breach, stating that the incident occurred in December 2024 and was limited in scope. The company said that the compromised portal account had restricted access and did not contain customers’ systems, production environments, or security architecture.
According to Check Point, the breach affected only three organizations and resulted in the exposure of several account names, product names, a list of employee email addresses, and three customer accounts with contact names. The company said it addressed the incident immediately and thoroughly investigated it at the time, updating and handling the affected organizations.
check point denies hacker’s claims
Check Point emphasized that the hacker’s claims were exaggerated and that the post was merely recycling old, irrelevant information. The company assured that there was no security risk to its customers or employees. Despite Check Point’s response, some cybersecurity experts have raised concerns about the hacker’s allegations.
Alon Gal, co-founder and CTO of Hudson Rock, noted that the screenshots provided by CoreInjection appeared convincing, given the hacker’s history of targeting Israeli companies and their track record of legitimate leaks. Gal also pointed out that one of the screenshots showed an admin panel view listing more than 120,000 accounts, with 18,824 appearing to be active and paying. However, he stressed the importance of distinguishing between what the hacker claimed to have access to and what was actually shown in the images.
Check Point has stated that it will not be making any further comments on the matter. The incident highlights the ongoing challenges faced by even well-secured firms in protecting against cybercriminals and the importance of transparency when breaches occur.
Noah Nguyen is a multi-talented developer who brings a unique perspective to his craft. Initially a creative writing professor, he turned to Dev work for the ability to work remotely. He now lives in Seattle, spending time hiking and drinking craft beer with his fiancee.
