BreachForums post claiming to sell alleged stolen data has no security implications: Check Point

On March 30th, 2025, a BreachForums post offered to sell alleged hacked Check Point data. This pertains to a previously identified event from several months ago, which Check Point addressed at the time and confirmed but had no security implications.

This event included 3 organizations' tenants in a portal that does not include customers' systems, production or security architecture. The event did not include the descriptions as detailed in the post.

The event was addressed immediately and thoroughly investigated by Check Point. These organizations were updated and handled at the time, but the BreachForums post is recycling this old, irrelevant information.

What is the BreachForums post all about?

The post relates to an event from December 2024, and stems from compromised credentials of a portal account with limited access. It was limited to a list of several account names with product names, 3 customers' accounts with contact names, and a list of some Check Point employees' emails. As clarified, the list did not include customers' systems, production, or any security architecture.

The content of the BreachForums post thus falsely implies exaggerated claims which never happened. The portal implies different internal mitigations.

A thorough investigation concluded by Check Point states that there is no risk to any Check Point customers and there are no security implications.

BreachForums (sometimes termed Breached) is a prominent online platform known for being a marketplace for stolen databases, tools, and access credentials, and serving as a site that allows conversations around hacking techniques, data breaches, and more.