
Hackers from the CoreInjection group have put up for sale allegedly stolen data from Israeli company Check Point Software, one of the largest players in the cybersecurity industry. Despite the company’s claim of a “long-standing and localized incident,” the facts and evidence point to a deeper problem.
CoreInjection, a hacker known for his precision leaks, has priced the data at 5 bitcoins (about $410,000). In a post on the darknet, he claims to have a full set of internal diagrams, design documents, source code, passwords (including unencrypted ones), and contact information for Check Point employees.
Screenshots published by the hackers indicate the presence of admin access to the Infinity Portal, which displays data on more than 121,000 accounts, including almost 19,000 paying customers, contract data and service details up to 2031. This has cast doubt on the official version of the company, which claims that this is an “old and well-known event”.
Check Point is a leading company headquartered in Tel Aviv, specializing in the development of cybersecurity systems. There have been reports of leaks in the past, but none with such a volume of potential compromising material. According to independent researcher Alon Gal of Hudson Rock, the new screenshots cast doubt on the authenticity of the official version, since the stolen API keys and accounts with administrator rights could have given full access to client systems.
It is difficult to confirm the scope and date of the incident at this time, but if the data is up to date, this could be one of the most painful leaks among companies involved in the security of others. The event proves once again that even those who stand guard over cyber borders are not immune to intrusions, especially when the attack comes not through the front door, but through a long-forgotten window in the basement.