Hewlett Packard Enterprise cloud email system breached by same Russian group that attacked Microsoft

Hewlett Packard Enterprise Co. (HPE) has fallen victim to a cyberattack, taken up by Russian group Midnight Blizzard, the same group that recently took on Microsoft and breached its executive email systems. HPE pointed fingers at the threat actor Midnight Blizzard, also known as Cozy Bear, a state-sponsored actor with ties to Russia, in a US SEC filing.

The breach was discovered on December 12, 2023, and the company believes data exfiltration started in May of the same year.

The cybersecurity incident affected a small percentage of HPE mailboxes, particularly those belonging to individuals in the cybersecurity, go-to-market, business segments, and other functions. The breach is believed to be related to an earlier attack by the same threat actor in June 2023, involving unauthorised access and exfiltration of SharePoint files. HPE stated that immediate actions were taken following the June incident, and it did not materially impact the company at that time.

While the investigation is ongoing, HPE has not observed any additional activity by the threat actor since eradicating their presence in December. The company is working with law enforcement and will notify affected individuals based on the findings of the investigation. As of now, the incident has not had a material impact on HPE’s operations, and the company does not deem it reasonably likely to materially impact its financial condition or results of operations.

The breach is another concerning development involving the Cozy Bear threat actor, which is also suspected of recently hacking into Microsoft’s corporate network. This brings to attention the need for enhanced cybersecurity measures and vigilance in the face of state-sponsored hacking groups.

Read more at thetechportal.com

x