A hacker using the alias “CoreInjection” has claimed responsibility for stealing what they describe as a “highly sensitive” dataset from cybersecurity firm Check Point. 

According to several media reports, the alleged stolen data includes user login credentials, employee contracts, and internal network blueprints. Despite these claims, Check Point has downplayed the incident, describing it as an outdated and isolated event involving a single account with restricted access. 

The company emphasized that no customer systems, production environments, or core security infrastructure were affected. In an official statement, Check Point clarified that the incident had occurred months ago and was addressed at the time. 

The firm criticized the hacker’s claims as misleading, suggesting they are reusing old data to create a false narrative. Cybersecurity expert Alon Gal, CTO of Hudson Rock, expressed concerns over the situation, noting that there is a strong possibility the breach involved access to a privileged administrator account—though he acknowledged that the event has yet to be fully confirmed. 

This isn’t the first time Check Point has faced such scrutiny. In 2024, its VPN software was targeted by attackers attempting to exploit it to breach corporate networks. However, those efforts were largely unsuccessful, and the company quickly issued a straightforward fix. 

While Check Point continues to reassure stakeholders that no major security risk was posed, the incident highlights the persistent threats facing even the most established cybersecurity firms.