A hacker claims to be selling data stolen from Check Point

Security firm says data is from an old breach that has been dealt with

But some security experts aren't convinced by this explanation

A hacker is claiming to have stolen a “highly sensitive” dataset from Check Point - but the company is looking to play down any concerns users might have.

The cybercriminal, going by the name of CoreInjection, posted about the dataset of compromised Check Point files on a cybercrime forum - and alleges that the information contains user credentials, employee contract information, and internal network maps, among other things.

A spokesperson from Check Point told TechRadar Pro that they “really wouldn’t call it a breach”, and added that this was “one account with limited access on a portal”. The firm’s statement assures that this is an “old, known and very pinpointed event,” that only involved a few organizations, and “does not include customers’ systems, production or security architecture.”

“If this is completely fake, I’d be surprised”

However, concerns have been raised in the cybersecurity industry, with Hudson Rock CTO Alon Gal saying that there is a “high certainty” that Check Point has been hacked, with a threat actor appearing to have “gained access to an administrator account with serious privileges.”

While the researcher says he would be surprised if the claims were completely fake, he also explains that the breach is “not yet officially confirmed”.

In Check Point’s official response, it confirmed a breach did occur, but that this was a long time ago, and that the hacker is just recycling old information which “falsely implies exaggerated claims which never happened.”

“This was handled months ago, and didn’t include the description detailed on this message. These organisations were updated and handled at that time, and this is not more than the regular recycling of old information. We believe that at no point was there a security risk to Check Point, its customers or employees,” the spokesperson told us.

In 2024, Check Point VPN software was targeted by hackers in order to gain access to corporate networks, although these attempts were largely unsuccessful, and Check Point outlined a simple and easy fix.

Via The Register