Iain Mulholland, director of VMware's Security Response Center, said despite the code leak, it "does not necessarily mean that there is any increased risk to VMware customers," and takes the matter of security seriously. The company said it is engaging with "internal and external resources".
Kaspersky's Threatpost said that the hacker claims to have hacked China's National Electronics Import and Export Corp. (CEIEC) in March, which led to other information being leaked. Samples of VMware's code have already been released, with promises of more CEIEC data in May, after the hacker claimed he was investigating U.S. military activities.
CEIEC denied the claims calling them "totally groundless, highly subjective and defamatory."