Check Point responds and has confirmed that a data breach, recently discussed on BreachForums, relates to an old event. The breach occurred in December 2024, when credentials linked to a portal account were compromised. The company clarified that this portal had no connection to critical infrastructure or customer systems, ensuring no ongoing risks to its operations. The breach affected a small number of organizations, and the compromised data was minimal, such as account names and contact details.
After Check Point responds: The hacker, known as “CoreInjection,” posted on BreachForums in March 2025, claiming to possess sensitive Check Point data.
However, Check Point swiftly discredited these claims as exaggerated and based on outdated information. The data supposedly stolen, including internal network maps and customer details, was incorrect. The compromised portal did not provide access to administrative privileges or any sensitive data, with the hacker’s claims being deemed false by Check Point.
Check Point further reassured its customers that the breach posed no serious security implications. Only non-sensitive data, such as account names and product information, were exposed. The company emphasized that internal safeguards were implemented to prevent the breach from escalating into a more severe incident.
While the hacker claimed access to detailed customer contracts, Check Point denied these allegations, stating the portal was not linked to customer systems or confidential employee credentials.
Despite the company’s efforts to clarify the situation, lingering questions about the hacker’s methods and the origin of the compromised credentials remain. While Check Point has assured that no customer or employee data was impacted, they are still investigating the source of the breach. The company may release further statements to calm any uncertainties, especially considering the circulation of misleading information. The case highlights the persistent dangers of misinformation and the challenges in addressing cyber threats effectively.
Reference: