Hewlett Packard Enterprise (HPE) revealed that its cloud-based email system was infiltrated by Midnight Blizzard, a Russian-linked hacking group known for its recent breach into Microsoft’s corporate network. The enterprise tech giant disclosed in a filing with the U.S. Securities and Exchange Commission that it was informed of the breach on December 12.
Key Takeaway
Hewlett Packard Enterprise (HPE) confirmed that its cloud-based email system was compromised by the Russian-linked hacking group Midnight Blizzard, resulting in the exfiltration of data from a small percentage of HPE mailboxes. The impact of the breach is currently being investigated, with notifications to be made as necessary.
Details of the Breach
An internal investigation by HPE determined that the Russia-backed hacking group had “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023. The attackers utilized a compromised account to access internal HPE email boxes in the Office 365 email environment.
Previous Incidents
This breach is likely related to an earlier attack in May 2023, where Midnight Blizzard exfiltrated “a limited number of SharePoint files” from HP’s network. The company learned about this incident in June last year.
Impact of the Breach
The accessed data is limited to information contained in the users’ mailboxes, predominantly belonging to individuals in HPE’s cybersecurity, go-to-market, and business teams. HPE spokesperson Adam R. Bauer stated that the company continues to investigate and will make appropriate notifications as required.
