A recent claim by a hacker has put Check Point, a well-known cybersecurity company, in the spotlight.
The hacker, who goes by the name “CoreInjection,” says they stole a big chunk of sensitive data from Check Point and is now trying to sell it online. But Check Point says there’s no need to panic, here’s what’s going on.
What Happened in the Check Point Data Breach?
On March 30, 2025, CoreInjection posted on a shady online forum called BreachForums, claiming they had stolen “highly sensitive” information from Check Point.
This data supposedly includes things like user passwords, employee contact details, and even secret maps of the company’s internal networks. They’re asking for five bitcoins, about $430,000, to hand it over.
Check Point, an Israeli company famous for protecting businesses from cyberattacks, quickly responded. They said this isn’t a new problem.
According to them, the data comes from an old incident back in December 2024, when someone used stolen login details to sneak into a small part of their system. They call it a “pinpointed event” and say it’s not a big deal.
Check Point’s Side of the Story
A Check Point spokesperson said, “We really wouldn’t call it a breach.” They explained that only one account with limited access was affected, and it didn’t touch any important customer systems or secret company plans.
“This was handled months ago,” they added, saying the hacker is just recycling old news to make it sound worse than it is.
The company says only a few organizations were involved, and they were told about it at the time. Check Point insists there’s no risk to their customers or employees.
They even posted an update on their support page, saying the stolen data was just a list of customer names, product logos, and a few employee emails- nothing too serious.
Why Some Experts Are Worried
Not everyone is buying Check Point’s explanation. Alon Gal, a cybersecurity expert and CTO of Hudson Rock, said on LinkedIn that he’s pretty sure Check Point got hacked.
He pointed to screenshots shared by CoreInjection that look like they’re from an admin dashboard, a powerful account that could do a lot of damage.
Gal said the screenshots show details about 121,120 accounts, including 18,864 paying customers, their services, and contract dates going all the way to 2031.
“If this is completely fake, I’d be surprised,” he wrote, though he admitted it’s not 100% confirmed yet. Other users on BreachForums weren’t so sure either, with one saying the proof looked like a basic user screen, not a big hack.
What Did the Hacker Really Get?
CoreInjection claims the data includes some juicy stuff: internal network maps, passwords (some not even scrambled), employee phone numbers, and even Check Point’s own software code.
If true, that could be a goldmine for other hackers. But Check Point says that’s exaggerated. They admit some screenshots might be real but argue they only show harmless info, like customer names and product logos.
The company says the December 2024 incident came from someone using stolen login details to access a portal with “limited access.” It affected just three organizations, and Check Point fixed it right away. They’re sticking to their story that no sensitive systems were hit.
Why This Matters to You
Check Point is a big name in cybersecurity, they help protect companies from hackers every day. So, if they get hacked, it’s a bit like the school security guard losing their keys. It makes people wonder: if a security expert can’t stay safe, who can? That’s why this story has folks talking.
Last year, hackers tried to use Check Point’s VPN software to break into company networks, but those attacks mostly failed. Check Point gave an easy fix for that problem, showing they’re usually quick to act.
This time, though, some experts want more answers, like how the hacker got in and why Check Point didn’t tell everyone sooner.
What’s Next for Check Point?
For now, Check Point is keeping things low-key. They told The Register they won’t say more beyond their first statement. But with screenshots floating around and experts like Alon Gal raising questions, they might have to explain more soon to calm everyone down.
Cybersecurity news sites like Cybernews and SecurityWeek are keeping an eye on this. They say CoreInjection has a history of selling real leaks, which makes some people take the claims seriously. Still, Check Point says it’s old news being blown out of proportion.
Follow TechBSB For More…
