HPE Cloud Email Breached by Russian-Linked Hackers

In a U.S. Securities and Exchange Commission filing, HPE announced the breach occurred on December 12, perpetrated by Midnight Blizzard, known as APT29 or Cozy Bear, a group believed to be backed by the Russian government.

The hackers, linked to significant cyberattacks like the 2016 Democratic National Committee breach and the 2019 SolarWinds attack, accessed and exfiltrated data from HPE’s Office 365 email environment. HPE spokesperson Adam R. Bauer revealed that a compromised account was used to access internal HPE email boxes, affecting a small percentage of mailboxes primarily belonging to the cybersecurity, go-to-market, and business teams.

HPE connected this breach to a previous incident in May 2023, where Midnight Blizzard exfiltrated limited SharePoint files from the company. The extent of mailbox access and the exact data compromised remain under investigation, with HPE committed to appropriate notifications as required.

The news of HPE’s breach follows closely behind Microsoft’s disclosure of Midnight Blizzard’s password spray attack on corporate email accounts, including senior leadership and cybersecurity teams. The connection between the HPE and Microsoft incidents remains unclear, with HPE unable to establish a link at this time. Bauer emphasized that the breach is not expected to materially impact HPE’s business operations.

HPE Cloud Email Breached by Russian-Linked Hackers

Keep up to Date with Latin American VC, Startups News

Keep up to Date with Latin American VC, Startups News

Read more

The GitHub Siege: Navigating the Flood of Malicious Repositories

Chilean IPTV Provider Zapping.com Exposes User Financial Data

Cybersecurity firm Nymiz raises €2.8M in funding round led by Swanlaab

Crypto Industry Sees Over 50% Decline in Losses in 2023

Russian Hackers Compromise Microsoft Senior Executives’ Emails

Torq Raises $42M, Total Funding Hits $120M