Check Point data leak exposed admin access and compromising information on customers

31 March 2025 2 minutes Author: Newsman

Hackers from the CoreInjection group have put up for sale allegedly stolen data from Israeli company Check Point Software, one of the largest players in the cybersecurity industry. Despite the company’s claim of a “long-standing and localized incident,” the facts and evidence point to a deeper problem.

CoreInjection, a hacker known for his precision leaks, has priced the data at 5 bitcoins (about $410,000). In a post on the darknet, he claims to have a full set of internal diagrams, design documents, source code, passwords (including unencrypted ones), and contact information for Check Point employees.

Screenshots published by the hackers indicate the presence of admin access to the Infinity Portal, which displays data on more than 121,000 accounts, including almost 19,000 paying customers, contract data and service details up to 2031. This has cast doubt on the official version of the company, which claims that this is an “old and well-known event”.

Check Point is a leading company headquartered in Tel Aviv, specializing in the development of cybersecurity systems. There have been reports of leaks in the past, but none with such a volume of potential compromising material. According to independent researcher Alon Gal of Hudson Rock, the new screenshots cast doubt on the authenticity of the official version, since the stolen API keys and accounts with administrator rights could have given full access to client systems.

It is difficult to confirm the scope and date of the incident at this time, but if the data is up to date, this could be one of the most painful leaks among companies involved in the security of others. The event proves once again that even those who stand guard over cyber borders are not immune to intrusions, especially when the attack comes not through the front door, but through a long-forgotten window in the basement.

Other related articles
News
Read more
Vroom leaked personal and banking data of 27,000 Australians
Australian fintech company Vroom has been the target of a massive data breach, with driver's licenses, banking documents, partial credit card numbers and medical data at risk. The incident exposed a critical lack of privacy protection and is yet another case of careless storage of sensitive data.
162
News
Read more
Cl0p hacks Sam’s Club, could steal millions of customers’ data
Cl0p ransomware has attacked Sam’s Club, one of the largest U.S. retail chains. The attack was part of a larger campaign to exploit vulnerabilities in Cleo file sharing. Potentially at risk are personal and financial data of customers, medical records, and employee information. Despite official denials, the investigation is ongoing. Cl0p continues to attack global companies, highlighting the scale of the cybersecurity problem in 2025.
172
News
Read more
T-Mobile to pay 33 million $ for SIM-swapping crypto wallet hack
T-Mobile will pay $33 million in compensation to a SIM-swapping victim after a cryptocurrency wallet hack. Security flaws at the carrier allowed an attacker to reissue a SIM card and bypass two-factor authentication, leading to the theft of more than 1,500 bitcoins. The court found the carrier guilty and highlighted the need to protect consumers from SIM-swapping attacks.
183
Found an error?
If you find an error, take a screenshot and send it to the bot.