Security breach acknowledged by Check Point Software, yet they refute assertions made by the alleged cybercriminals involved.
In a recent development, Check Point Software Technologies, a leading cybersecurity company, has clarified that there is no evidence to suggest that it was breached or hacked in March 202x, as claimed by a threat actor.
On Tuesday, Check Point issued a security advisory, outlining the scope of an incident that occurred in December 202x. The incident was limited to a few customers and a specific portal, according to Check Point officials. The incident has since been resolved, and the company has taken additional steps to bolster its security measures.
The security advisory aims to help customers take additional steps to protect their systems. The offered information includes source code, internal network maps, and user credentials. However, it is important to note that the user centre credentials posted by the threat actor may have been stolen over a period of time from various sources, not necessarily from Check Point.
The March breach claimed by the threat actor is not confirmed by Check Point. Gil Messing, the chief of staff at Check Point, stated that the incident was handled months ago and does not match the information claimed by the threat actor. Messing added that there is no indication that Check Point Software itself was involved as a victim or target of a hacking attempt in March 202x.
Instead, what is documented is that Check Point Research (CPR), the research arm of Check Point Software Technologies, has actively reported on cyber threats and hacking campaigns happening in 2025, especially those involving exploitation of Microsoft SharePoint vulnerabilities (ToolShell) starting in July 2025[1][3].
Check Point Research identified and confirmed dozens of compromise attempts exploiting Microsoft SharePoint’s "ToolShell" vulnerabilities starting from early July 2025 across sectors like government, telecommunications, and software in North America and Western Europe[1]. These attacks primarily involve Chinese-linked threat groups conducting cyber-espionage and intellectual property theft using chained SharePoint flaws[1][3].
Check Point also reported on phishing trends in Q2 2025, highlighting Microsoft as the most impersonated brand in phishing campaigns. However, this is research and threat intelligence — not Check Point itself being hacked[2]. No reports or evidence found in the provided 2024-2025 breach listings show Check Point Software Technologies as a victim or having suffered a breach in March 202x or any other recent period[4].
In brief, Check Point Software Technologies functions as a cybersecurity company producing intelligence on hacking attempts rather than being reported as breached or hacked in March 202x. The major hacking attempts they uncovered recently relate to Microsoft SharePoint vulnerabilities exploited from July 2025 with a global scope affecting multiple sectors[1][3].
Alon Gal, co-founder and CTO at Hudson Rock, posted screenshots from what appears to be an admin account with access to a Check Point portal. However, the newly posted information is not related to any of Check Point's users, according to the company. The threat actor later posted additional claims of a more recent Check Point breach in March, demanding $420,000 in bitcoin.
Despite these claims, Check Point officials maintain that the incident is considered old and has been resolved. The incident did not involve customers' systems, production, or security architecture, according to Messing. The company is continuing to monitor the situation and is working closely with law enforcement agencies to investigate the matter further.
- The security advisory issued by Check Point Software Technologies in December 202x was related to a limited incident involving a few customers and a specific portal, not a broader cybersecurity breach or hack of the company as claimed by recent threat actors in March 202x.
- Despite recent claims and allegations, Check Point Software Technologies, in their capacity as a leading cybersecurity company, functions primarily in the realm of threat intelligence and reporting on cyber threats, rather than being a victim or target of a hacking attempt in March 202x, as stated by Gil Messing, the Chief of Staff at Check Point.
