HomeNewsHPE says it was hacked by Russian group behind Microsoft e mail...

HPE says it was hacked by Russian group behind Microsoft e mail breach

Hewlett Packard Enterprise mentioned on Wednesday that its cloud-based e mail system was compromised by Midnight Blizzard, a Russia-linked hacking group that just lately broke into Microsoft’s company community.

In a submitting with the U.S. Securities and Change Fee, the enterprise tech large mentioned it was notified on December 12 that Midnight Blizzard, often known as APT29 or Cozy Bear, had breached its cloud-based e mail surroundings.

Midnight Blizzard is a infamous hacking group that’s extensively believed to be sponsored by the Russian authorities. It has been linked to plenty of high-profile assaults, together with the notorious SolarWinds assault in 2020 and the 2016 breach of the Democratic Nationwide Committee.

HPE mentioned an inner investigation has since decided that the Russia-backed hacking group “accessed and exfiltrated information” from a “small proportion” of HPE mailboxes beginning in Might 2023. HPE spokesperson Adam R. Bauer informed information.killnetswitch that the “subtle” attackers “leveraged a compromised account to entry inner HPE e mail packing containers in our Workplace 365 e mail surroundings.”

See also  A authorities watchdog hacked a US federal company to stress-test its cloud security

The corporate mentioned in its SEC submitting that the breach is probably going associated to an earlier Midnight Blizzard assault that noticed the group exfiltrate “a restricted variety of SharePoint information” from HP’s community in Might 2023, an incident the corporate realized about in June final yr.

Bauer mentioned the corporate hasn’t but decided what number of mailboxes had been accessed however mentioned they predominantly belonged to people in HPE’s cybersecurity, go-to-market, and enterprise groups. “The accessed information is proscribed to info contained within the customers’ mailboxes,” Bauer informed information.killnetswitch. “We proceed to research and can make acceptable notifications as required.”

Information of the HPE breach comes simply days after Microsoft disclosed that Midnight Blizzard hackers had breached some company e mail accounts, together with these of the corporate’s “senior management workforce and staff in our cybersecurity, authorized, and different capabilities.” Based on the tech large, the hacking group used a password spray assault – the place a foul actor tries the identical password on a number of accounts – on a legacy account to entry focused e mail accounts containing info associated to Midnight Blizzard itself.

See also  9 VPN alternate options for securing distant community entry

It’s not but identified whether or not the HPE and Microsoft incidents are linked.

“We don’t have the main points of the incident that Microsoft skilled and disclosed final week, so we’re unable to hyperlink the 2 right now,” Bauer informed information.killnetswitch. He added that HPE doesn’t anticipate the incident to have a cloth impression on its enterprise.

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular