IntelBroker is a black hat hacker active who has committed several high-profile cyber attacks against large corporations and government agencies, with over 80 sales and leaks of compromised data having been traced to them.

After their initial string of attacks, IntelBroker was speculated to be a highly skilled team, possibly an Iranian Persistent Threat Group; however, an interview with The Cyber Express revealed that they were a single person.

[2] In another interview with the German podcast Inside Darknet,[3] IntelBroker shared several personal details, including that they are Serbian and currently reside in Russia for safety reasons.

[4] IntelBroker has expressed that law enforcement assigns national affiliations to independent actors too quickly and that the media often cover or overlook cyberattacks selectively.

Eventually they may also attempt to expand their access using compromised credentials, discover and extract more of the victim's data in order to sell them on the black market such as BreachForums.

Other targets of IntelBroker included Hewlett Packard Enterprise,Verizon, HSBC, Accor, Home Depot, Facebook, Tech in Asia, and various U.S. government agencies.

and exposed the personal information of more than one million delivery order customers, including names, phone numbers, email addresses, and building entry codes, but not financial and payment data according to the company.

[10] In May 2024, IntelBroker claimed that they had compromised employee information, FOUO source code, and operational guidelines of Europol and had breached the computer networks of Zscaler.

[9] In April 2024, IntelBroker announced that they and the black hat hacker Sanggiero had hacked Acuity, a technology contractor for the U.S. government, and subsequently obtained confidential information belonging to the Five Eyes intelligence organization and the United States military.

[18] On March 31, 2024, IntelBroker assisted Sangierro in a hack of the Chinese e-commerce website Pandabuy, with user data sold on BreachForum for a small "symbolic" bitcoin payment.

[21][22] IntelBroker and Sangierro claimed that the leak contained the names, contact details, orders, and addresses of over 3 million Pandabuy customers, while an analysis by "Have I Been Pwned?"

[21][22] On May 10, 2024, IntelBroker announced on BreachForums that they had gained access to 9,128 confidential records from the European Union's law enforcement agency Europol, including employee information, source code, and guideline documents.

[34] Soon after, AMD claimed that the breach was limited in scope, would not impact the business, and implied that it did not include employee or customer information, conflicting with the initial report by The Cyber Express.