Microsoft Hackers Targeted HPE!
Hewlett Packard Enterprise said Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently infiltrated Microsoft's corporate network.
The enterprise technology giant said in a filing with the U.S. Securities and Exchange Commission that it was notified on December 12 that Midnight Blizzard, also known as APT29 or Cozy Bear, had breached its cloud-based email environment.
Midnight Blizzard is a notorious hacking group believed to be supported by the Russian government. The group has been linked to a number of high-profile cyberattacks, including the breach of the Democratic National Committee in 2016 and the SolarWinds attack in 2019.
HPE said an internal investigation determined that the Russia-backed hacking group "accessed and exfiltrated data" from a "small percentage" of HPE mailboxes starting in May 2023. HPE spokesman Adam R. Bauer told TechCrunch that the attackers "exploited a security vulnerability. An account that gives you access to internal HPE email boxes within our Office 365 email environment."
The company said in its SEC filing that the breach was likely related to an earlier Midnight Blizzard attack in which the group leaked a "limited number of SharePoint files" from the HPE network in May 2023, an incident the company learned of in June 2023.
Bauer said the company had not yet determined how many mailboxes were accessed, but that they predominantly belonged to people in HPE's cybersecurity, go-to-market and business teams. "The data accessed is limited to the information contained in users' mailboxes," Bauer told TechCrunch. "We will continue to investigate and make appropriate notifications when necessary."
News of the HPE breach comes just days after Microsoft announced that Midnight Blizzard hackers had breached some corporate email accounts, including those of the company's "senior leadership team and employees across our cybersecurity, legal and other functions." According to the tech giant, the hacking group used a password spray attack on an old account, in which a bad actor tries the same password on multiple accounts, to access targeted email accounts containing Midnight Blizzard-related information.
It is not yet known whether the HPE and Microsoft incidents are related. "We don't have the details of the incident that Microsoft experienced and disclosed last week, so we can't connect the two at this time," Bauer told TechCrunch. He added that HPE does not expect the incident to have a material impact on its business.