HPE says it was hacked by Russian group behind Microsoft e-mail breach

Hewlett Packard Enterprise said on Wednesday that its cloud-based e-mail system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network.

In a filing with the U.S. Securities and Exchange Commission, the enterprise tech giant said it was notified on December 12 that Midnight Blizzard, also known as APT29 or Cozy Bear, had breached its cloud-based e-mail environment.

Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government. It has been linked to numerous high-profile attacks, including the infamous SolarWinds attack in 2020 and the 2016 breach of the Democratic National Committee.

HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes beginning in May 2023. HPE spokesperson Adam R. Bauer told TechCrunch that the “sophisticated” attackers “leveraged a compromised account to access internal HPE email boxes in our Office 365 email environment.”

The company said in its SEC filing that the breach is likely related to an earlier Midnight Blizzard attack that saw the group exfiltrate “a limited number of SharePoint files” from HP’s network in May 2023, an incident the company learned about in June last year.

Bauer said the company hasn’t yet determined how many mailboxes were accessed but said they predominantly belonged to individuals in HPE’s cybersecurity, go-to-market, and business teams. “The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch. “We continue to investigate and will make appropriate notifications as required.”

News of the HPE breach comes just days after Microsoft disclosed that Midnight Blizzard hackers had breached some corporate e-mail accounts, including those of the company’s “senior leadership team and employees in our cybersecurity, legal, and other functions.” According to the tech giant, the hacking group used a password spray attack – where a bad actor tries the same password on multiple accounts – on a legacy account to access targeted e-mail accounts containing information related to Midnight Blizzard itself.

It’s not yet known whether the HPE and Microsoft incidents are linked.

“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch. He added that HPE doesn’t expect the incident to have a material impact on its business.