Hewlett Packard Enterprise
(HPE) has revealed that a
Russian hacker group
known as
Midnight Blizzard
was allegedly involved in a cyber attack that hit the company last year. The company claims that the hackers gained access to it's
Microsoft Office 365
email environment and were able to steal data from its cybersecurity team and other departments.
In a recent SEC filing, HP said that the company was notified about the attack on December 12, 2023.
The laptop maker added that the suspected Russian hackers started to breach its cloud-based email environment in May 2023.
The company also noted that it's working with external cybersecurity experts and law enforcement to investigate the incident. HP believes that the breach might be related to a previous breach in May 2023. In this attack, the threat actors allegedly gained access to the company's SharePoint server and stole files.
What the company has to say
In a statement to Bleeping Computer, the company said: “On December 12, 2023, HPE was notified that a suspected nation-state actor had gained unauthorized access to the company’s Office 365 email environment. HPE immediately activated cyber response protocols to begin an investigation, remediate the incident, and eradicate the activity. Through that investigation, which remains ongoing, we determined that this nation-state actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions. We believe the nation-state actor is Midnight Blizzard, also known as Cozy Bear.
The accessed data is limited to information contained in the users’ mailboxes. We continue to investigate and will make appropriate notifications as required.
Out of an abundance of caution and a desire to comply with the spirit of new regulatory disclosure guidelines, we have filed a form 8-K with the Securities & Exchange Commission to notify that body, and investors, about this incident. That said, there has been no operational impact on our business and, to date, we have not determined that this incident is likely to have a material financial impact.”
What is the Midnight Blizzard hacking group
Midnight Blizzard, which is also known as Cozy Bear, is a Russian state-sponsored hacking group that is allegedly part of the country’s Foreign Intelligence Service (SVR). The threat actors have been linked to multiple attacks throughout the past few years.
In 2020, the group was behind the SolarWinds supply chain attack. Tech major
Microsoft
also recently reported a security breach by Midnight Blizzard. This attack involved data theft from the company's corporate email accounts, including its leadership team.
The Times of India Gadgets Now awards: Cast your vote now and pick the best phones, laptops and other gadgets of 2023
English (US) ·