HP Enterprise discloses hacking

HP Enterprise discloses hack by suspected Russian hackers

/ 09:29 AM January 25, 2024

BOSTON  — Hewlett Packard Enterprise disclosed Wednesday that suspected state-backed Russian hackers broke into its cloud-based email system and stole data from cybersecurity and other employees.

The provider of information technology products and services said in a Securities and Exchange Commission regulatory filing that it was informed of the intrusion on Jan. 12. It said it believed the hackers were from Cozy Bear, a unit of Russia’s SVR foreign intelligence service.

Microsoft reported last week that it also discovered an intrusion of its corporate network on Jan. 12. The Redmond, Washington, tech giant said the breach began in late November and also blamed Cozy Bear. It said the Russian hackers accessed accounts of senior Microsoft executives as well as cybersecurity and legal employees.

Article continues after this advertisement

READ: Microsoft says it was hacked by Russian state-sponsored group

FEATURED STORIES

Cozy Bear was behind the SolarWinds breach and focuses stealth intelligence-gathering on Western governments, IT service providers and think tanks in the U.S. and Europe.

“Based on our investigation, we now believe that the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” HPE, which is based in Spring, Texas, said in the filing.

Article continues after this advertisement

Company spokesman Adam R. Bauer, reached by email, would not say who informed HPE of the breach. “We’re not sharing that information at this time.” Bauer said the compromised email boxes were running Microsoft software.

Article continues after this advertisement

HPE employees’ accounts

In the filing, HPE said the intrusion was “likely related to earlier activity by this threat actor, of which we were notified in June 2023, involving unauthorized access to and exfiltration of a limited number of SharePoint files.”

Article continues after this advertisement

SharePoint is part of Microsoft’s 365 suite, formerly known as Office, which includes email, word-processing and spreadsheet apps.

Bauer said HPE is unable to say whether the breach of its network was related to the hack that Microsoft disclosed last week as “we do not have the details of the incident Microsoft disclosed.”

Article continues after this advertisement

He did not specify the seniority of the HPE employees whose accounts were accessed by the hackers. “The total scope of mailboxes and emails accessed remains under investigation.”

READ: US intelligence agencies say Russia likely behind hacking of gov’t agencies

HPE said in the filing that it has so far determined that the hack has had no material impact on its operations or financial health.

Both disclosures come a month after a new U.S. Securities and Exchange Commission rule took effect that compels publicly traded companies to disclose breaches that could negatively impact their business. It gives them four days to do so unless they obtain a national-security waiver.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

HPE was spun off in 2015 from the storied Silicon Valley computing company Hewlett-Packard Inc., which is best known today for its printer business.

TOPICS: hacking, HP Enterprise
TAGS: hacking, HP Enterprise

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.