HPE claims it was hacked by Russian group behind Microsoft email breach, Although the number of emails accessed is unknown, according to Bauer.
Hewlett Packard Enterprise revealed on Wednesday that Midnight Blizzard, a hacker group with ties to Russia that recently gained access to Microsoft’s corporate network, had infiltrated its cloud-based email system.
The corporate software behemoth claimed in a filing with the US Securities and Exchange Commission that it received notice on December 12 of a breach in its cloud-based email system caused by Midnight Blizzard, also referred to as APT29 or Cozy Bear.
The renowned hacker collective Midnight Blizzard is commonly thought to have Russian government funding. The hackers are suspected of being behind several well-known assaults, such as the DNC hack in 2016 and the SolarWinds attack in 2019.
Related: Hackers breached Microsoft to see what Microsoft knows about them
The Russia-backed hacking organization “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes beginning in May 2023, according to HPE, which stated that an internal investigation has since been conducted. The attackers “leveraged a compromised account to access internal HPE email boxes in our Office 365 email environment.” an HPE spokesman, Adam R. Bauer said.
In an SEC filing, the business stated that the breach is probably connected to a previous Midnight Blizzard attack in which the gang exfiltrated “a limited number of SharePoint files” from HPE’s network in May 2023. The company found out about this incident in June 2023.
Although the number of emails accessed is unknown, according to Bauer, the company believes that most of them belonged to members of HPE’s business, go-to-market, and cybersecurity teams. The accessed data is limited to information contained in the users’ mailboxes, Bauer said. “We continue to investigate and will make appropriate notifications as required.”
The HPE hack was discovered only a few days after Microsoft said that corporate email accounts belonging to the company’s “senior leadership team and employees in our cybersecurity, legal, and other functions” had been compromised by hackers from Midnight Blizzard. The IT firm claims that the hacking organization gained access to specific email accounts that included details about Midnight Blizzard itself by using a password spray assault, in which a malevolent actor attempts the same password on many accounts, on a legacy account.
The HPE and Microsoft problems may or may not be related.
“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer said. HPE does not anticipate that the event will materially affect its business, he continued.
