Hacking Claim: Russian Group Responsible for Microsoft Email Breach Targets HPE, Cybersecurity Firm Says

Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a notorious Russia-linked hacking group that recently broke into Microsoft’s corporate network and is widely believed to be sponsored by the Russian government. HPE said an internal investigation has since determined that the group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023. “The accessed data is limited to information contained in the users’ mailboxes,” HPE spokesperson Adam R. Bauer told TechCrunch. “We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.

Hewlett Packard Enterprise announced on Wednesday that their cloud-based email system had been breached by Midnight Blizzard, a Russian-linked hacking group notorious for their high-profile cyberattacks. According to a filing with the U.S. Securities and Exchange Commission, HPE was notified on December 12th that the hacking group had gained access to their cloud-based email environment.

Midnight Blizzard, also known as APT29 or Cozy Bear, is widely believed to be sponsored by the Russian government. They have been linked to notable cyberattacks including the 2016 breach of the Democratic National Committee and the SolarWinds incident in 2019.

An internal investigation by HPE revealed that the hacking group had “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023. HPE spokesperson Adam R. Bauer confirmed to TechCrunch that the hackers had used a compromised account to gain entry into their Office 365 email environment.

In their SEC filing, HPE stated that the breach is likely related to a previous Midnight Blizzard attack in May 2023, where the group managed to steal “a limited number of SharePoint files” from HPE’s network. The company was made aware of this incident in June 2023.

Bauer disclosed that HPE is still investigating the extent of the breach and could not confirm how many mailboxes were accessed. However, the majority of those affected were from HPE’s cybersecurity, go-to-market, and business teams. He also clarified that only data from users’ mailboxes was compromised and the company will make appropriate notifications as needed.

The news of HPE’s breach comes soon after Microsoft revealed that the same hacking group had breached some of their corporate email accounts, including those belonging to their senior leadership team and employees in cybersecurity, legal, and other departments. Microsoft reported that the hacking group used a password spray attack to access targeted accounts containing information related to Midnight Blizzard.

It is currently unclear if the incidents at HPE and Microsoft are connected. When asked, Bauer stated that they do not have enough details about the Microsoft incident to make a link. He also added that HPE does not anticipate any significant impact on their business from this breach.

Ava Patel

Ava Patel is a cultural critic and commentator with a focus on literature and the arts. She is known for her thought-provoking essays and reviews, and has a talent for bringing new and diverse voices to the forefront of the cultural conversation.
