Breach cyber

Check Point

Apr 1, 2025 1 min read
Check Point

A hacker using the alias CoreInjection claims to have obtained sensitive data from Check Point, including user credentials, employee contract details, and internal network maps. Check Point downplays the incident, asserting it relates to a limited and previously addressed breach. The breach supposedly involved just one account with restricted portal access and did not extend to customers' systems, production, or security architecture. Despite the company's stance, security experts like Hudson Rock CTO Alon Gal suggest Check Point may have had an administrator account compromised, indicating a serious breach with potential internal company data leaks.

Source: https://www.techradar.com/pro/security/security-firm-check-point-confirms-data-breach-but-says-users-have-nothing-to-worry-about

TPRM report: https://scoringcyber.rankiteo.com/company/check-point-software-technologies

"id": "che417040125",
"linkid": "check-point-software-technologies",
"type": "Breach",
"date": "4/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Cybersecurity',
                        'name': 'Check Point',
                        'type': 'Company'}],
 'attack_vector': 'Compromised Account',
 'data_breach': {'data_exfiltration': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['user credentials',
                                              'employee contract details',
                                              'internal network maps']},
 'description': 'A hacker using the alias CoreInjection claims to have '
                'obtained sensitive data from Check Point, including user '
                'credentials, employee contract details, and internal network '
                'maps. Check Point downplays the incident, asserting it '
                'relates to a limited and previously addressed breach. The '
                'breach supposedly involved just one account with restricted '
                "portal access and did not extend to customers' systems, "
                "production, or security architecture. Despite the company's "
                'stance, security experts like Hudson Rock CTO Alon Gal '
                'suggest Check Point may have had an administrator account '
                'compromised, indicating a serious breach with potential '
                'internal company data leaks.',
 'impact': {'data_compromised': ['user credentials',
                                 'employee contract details',
                                 'internal network maps']},
 'motivation': 'Data Theft',
 'threat_actor': 'CoreInjection',
 'title': 'Check Point Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Account Compromise'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.