Hewlett Packard Enterprise Targeted by Russian Hacking Group
Hewlett Packard Enterprise (HPE), a prominent name in the tech industry, recently disclosed that it fell victim to a cyberattack by Midnight Blizzard, a Russian-linked hacking group. This revelation comes after the group was also implicated in a breach of Microsoft’s corporate network.
On December 12, HPE was notified that Midnight Blizzard, also known as APT29 or Cozy Bear, had compromised its cloud-based email environment. This group is notorious for its high-profile cyberattacks, including the 2016 Democratic National Committee breach and the 2019 SolarWinds attack.
HPE’s internal investigation revealed that the hackers accessed and exfiltrated data from a small percentage of HPE mailboxes starting in May 2023.
The breach predominantly affected mailboxes belonging to individuals in HPE’s cybersecurity, go-to-market, and business teams. The extent of the breach and the specific number of affected mailboxes are still under investigation. HPE continues to assess the situation and will make appropriate notifications as required.
The breach is believed to be related to an earlier attack by Midnight Blizzard, in which the group exfiltrated a limited number of SharePoint files from HPE’s network. This incident was first discovered in June 2023.
Interestingly, this news comes shortly after Microsoft disclosed that Midnight Blizzard had breached some of its corporate email accounts. In that incident, the hacking group used a password spray attack on a legacy account to access targeted email accounts.
HPE spokesperson Adam R. Bauer stated that the company is still investigating the full scope of the breach. While the details of the incident experienced by Microsoft are not fully known, HPE does not expect this breach to have a material impact on its business.
The attack on HPE by Midnight Blizzard highlights the ongoing cybersecurity threats faced by major corporations. As companies like HPE and Microsoft continue to grapple with these challenges, the importance of robust cybersecurity measures and constant vigilance against such threats becomes increasingly evident.