HPE Breached by Russia-Backed Hackers

Print Friendly, PDF & Email

HPE disclosed that its email system was hacked by a Russia-sponsored actor known as Midnight Blizzard, also called Cozy Bear.

In a regulatory filing, HPE reported it was notified in December 2023 that “the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions.”  During the breach, the hackers compromised “a limited number of SharePoint files as early as May 2023,” HPE’s filing stated.

The group also is believed to have committed the 2020 SolarWinds hack and for breaching Microsoft executives’ emails, announced last week.

HPE said that it is still investigating the hack, which it believes was related to another incident that occurred in June of last year. “Following the notice in June, we immediately investigated with the assistance of external cybersecurity experts and took containment and remediation measures intended to eradicate the activity,” the company stated. “Upon undertaking such actions, we determined that such activity did not materially impact the company.”