While Check Point maintains the breach is contained and poses “no risk to Check Point customers,” security experts continue to question how the attackers initially gained access, the true extent of compromised data, and why there appears to be no public disclosure from December 2024 when the breach allegedly occurred. Additionally, a serious vulnerability (CVE-2024-24919) discovered in May 2024 allowed attackers to read sensitive information on Check Point Security Gateways, including password hashes for local accounts. According to the firm, the exposed data consisted of a list of multiple account names with product names, three customer accounts with contact names, and the emails of certain Check Point employees. The cybersecurity giant released an official statement on March 31st through their support portal, downplaying the significance of the breach while security researchers raise questions about its true scope. “The screenshot they confirm shows 121,120 accounts (18,864 paying), which is far more than ‘3 organizations,’ and suggests admin-level access (edit accounts, reset 2FA), which doesn’t align with their ‘limited access’ claim,” Gal noted in his LinkedIn update. This vulnerability received a high severity CVSS v3 score of 8.6 and was quickly added to the US Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities catalog. The breach comes amid heightened security concerns for Check Point products. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 01 Apr 2025 10:40:03 +0000