HPE Hacked by Russian Hacker Group ‘Midnight Blizzard’ that Hacked Microsoft

Written by Gabby Lee

January 26, 2024


The HPE hack was attributed to a group of suspected Russian hackers known as Midnight Blizzard, also referred to as Cozy Bear, APT29, and Nobelium.


Hewlett Packard Enterprise (HPE) has reported that it experienced a security breach in its Microsoft Office 365 email environment. The breach was attributed to a group of suspected Russian hackers known as Midnight Blizzard, also referred to as Cozy Bear, APT29, and Nobelium.

Midnight Blizzard is believed to be linked to Russia’s Foreign Intelligence Service (SVR). HPE was alerted to the breach on December 12th, 2023, and it was discovered that the hackers gained unauthorized access to the company’s cloud-based email system in May of the same year.

“Based on our investigation, we now believe that the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” reads the SEC filing.

HPE Hacked and Ongoing Investigations Point to a Previous Related Incident

HPE is still investigating the breach. The company suspects that it may be connected to a previous incident in May 2023, during which unauthorized individuals accessed HPE’s SharePoint server and pilfered files.

To aid in their investigation, HPE is collaborating with external cybersecurity experts and law enforcement authorities.

“Through that investigation, which remains ongoing, we determined that this nation-state actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions. We believe the nation-state actor is Midnight Blizzard, also known as Cozy Bear.

The accessed data is limited to information contained in the users’ mailboxes. We continue to investigate and will make appropriate notifications as required,” HPE said in a statement.

Hewlett Packard Enterprise Hack Tracks Similarities with Midnight Blizzard Hack on Microsoft

The firm has not given additional specifics regarding the Hewlett Packard Enterprise hack. However, Microsoft recently disclosed a security incident involving Midnight Blizzard, which resulted in data theft from its corporate email accounts, including those of its leadership team.

Microsoft’s breach occurred due to a misconfigured test tenant account, enabling the threat actors to carry out a brute force attack and gain unauthorized access to their systems.

Midnight Blizzard, after infiltrating Microsoft’s systems, targeted the corporate email accounts of Microsoft’s senior leadership team, as well as employees in the cybersecurity and legal departments. HPE has stated that they are uncertain whether their incident is connected to Microsoft’s breach.

It is worth noting that HPE experienced a previous breach in 2018, where Chinese hackers gained unauthorized access to their network and used it as a stepping stone to compromise their customers’ devices, as well as IBM’s network.
