The Cybersecurity Firm has responded and updated to Rumors of Zscaler Data Breach.
On May 8th 2024, cybersecurity giant Zscaler responded to rumors circulating that an infamous hacker named “IntelBroker” was allegedly selling access to the company’s systems.
In a statement on its Trust site, Zscaler said it was investigating the claims but found “Zscaler Hacked” rumors to be “completely inaccurate and unfounded” so far.
The $1.8 billion company reassured there was “no evidence” its customer or production environments were compromised.
Hackers Claim Access to Logs, Credentials in the Alleged Zscaler Data Breach
IntelBroker began touting the alleged Zscaler Breach on hacking forums, claiming to possess confidential logs, SMTP access, SSL keys and more from a $1.8 billion revenue firm.
Screenshots showed the threat actor explicitly mentioned Zscaler by name. As Zscaler’s reported revenue matches the details, speculation emerged they were the potential victim.
IntelBroker is an infamous hacker known for the DC Health Link Breach which exposed US lawmakers’ data and led to a congressional hearing. IntelBroker is also known for breaching HPE (Hewlett Packard Enterprise), Home Depot, and Weee!
Zscaler Data Breach Update: Only “Zscaler Test Environment” Was Exposed
However, in an evening update, Zscaler confirmed findings from the ongoing Zscaler News investigation. The company discovered an isolated test environment hosted on an external server was exposed online.
Though this single compromised test server contained no customer information and was isolated, out of caution Zscaler immediately took it offline for forensic analysis.
No other customer or production systems were impacted by this isolated Zscaler Hacked test environment. The timely investigation and disclosure aims to maintain trust in Zscaler’s services.
Moving forward, Zscaler will continue monitoring for any signs of intrusion across its secure platforms, as cybercriminals frequently target large firms like Zscaler holding sensitive data.
Though initially refuted, full transparency into even minimal breaches helps build customer confidence.