A Dark Web Drama Unfolds: General Electric's Data at Stake

In the mysterious world of the dark web, a notorious threat actor has recently been spotted, claiming to sell sensitive information pilfered from an iconic American conglomerate, General Electric (GE). This alleged digital heist puts a spotlight on the escalating concerns around cybersecurity in today's interconnected world.

Founded over a century ago by Thomas Edison, General Electric is a household name synonymous with American innovation. With a vast portfolio spanning aerospace to renewable energy, GE's footprint is undoubtedly expansive. However, this latest development underscores that even the most established corporations are not immune to cyber threats.

The news of this alleged breach first came to light through screenshots posted on social media platform X (formerly Twitter). The threat actor, who goes by the name IntelBroker, announced their intentions to sell the stolen data on a popular dark web marketplace.

IntelBroker's listing reads, "I previously listed the access to General Electrics, however, no serious buyers have actually responded to me or followed up. I am now selling the entire thing here separately, including access (SSH, SVN etc). Data includes a lot of DARPA-related military information, files, SQL files, documents etc."

While the authenticity of the data remains unverified, the possibility of it containing significant military information linked to DARPA is alarming. IntelBroker is not a novice in the realm of high-profile breaches. They made headlines in March this year when they compromised the health insurance marketplace DC Health Link, managed by the DC Health Benefit Exchange Authority (HBX), exposing personal data of 170,000 individuals.

The latest news of IntelBroker's activities has understandably set off alarm bells at General Electric. The company, it is believed, has launched an investigation into the reports.This incident is not GE's maiden encounter with data breaches. Last year, GE alerted authorities about a data breach that impacted employee data via a third-party provider, Canon Business Process Services. Additionally, a former GE Power employee, Xiaoqing Zheng, was sentenced to 24 months in prison earlier this year for his role in a conspiracy to steal aviation trade secrets and send them to China.

As the story unfolds, it serves as a chilling reminder of the persistent threat of cybercrime in our increasingly digital world. It underscores the need for robust cybersecurity measures, timely threat detection, and effective incident response strategies.

Special thanks to Phil Muncaster, UK / EMEA News Reporter, Infosecurity Magazine, for the original reporting.

Know more. Investigate better.