While Check Point has confirmed a breach occurred in December 2024, the cybersecurity giant is firmly pushing back against hacker claims about its severity. A hacker going by “CoreInjection” made quite the splash on BreachForums, asking for a cool 5 Bitcoin (about $430,000) for what they claimed was a treasure trove of Check Point’s sensitive data. Internal network maps, credentials, source code – the works. They even shared screenshots that looked pretty legit, according to experts.
But Check Point isn’t having it. The company described the incident as a “pinpointed event” involving “old data” that posed zero risk to customers, employees, or systems. Talk about downplaying. Their story? Some portal account credentials were compromised, but the account had limited access. Problem solved, move along folks.
The discrepancies are hard to ignore, though. CoreInjection‘s screenshots suggest they had their hands on the company’s admin portal, even messing with two-factor authentication settings. Pretty bold for “old data,” right? Meanwhile, Check Point maintains this is just “recycling of old information” by an attention-seeking hacker. The company specifically refuted CoreInjection’s claims about having access to data on 120,000 accounts and details of paying customers.
This whole mess highlights a bigger problem. Cybersecurity companies are becoming prime targets themselves. The irony isn’t lost on anyone. Defenders of the digital domain, getting their own systems breached. Not a great look.
The industry implications could be serious. Trust is everything in cybersecurity. When a company that sells protection can’t protect itself – customers ask questions. Hard ones. Industry expert Alon Gal noted that many details in the leaked screenshots appear too authentic to fabricate.
Check Point’s limited engagement with the media leaves plenty of unanswered questions. How exactly did the breach happen? Is everything truly contained? Why do those screenshots seem to contradict the “old data” claim? With cybercrime costs projected to reach 13.82 trillion dollars by 2028, incidents like this underscore the growing sophistication of attacks.
CoreInjection has apparently been busy, selling data from five companies, mostly Israeli targets. Prices for other companies’ data ranged from $30,000 to $100,000. This guy has a track record of legitimate leaks, which makes Check Point’s dismissive stance all the more interesting.
The bottom line? Something happened at Check Point. The extent and implications remain contested territory. For a company that preaches transparency in security, their tight-lipped response speaks volumes. Sometimes what’s not said matters more than what is.
