HP Enterprise Reveals It was hacked by the same Russians that broke into Microsoft

RVShacksMS-HPE-1In a new SEC disclosure, Hewlett Packard Enterprise (HPE) announced on Wednesday that it fell prey to the same Russian intelligence group, known as Midnight Blizzard or Cozy Bear, that recently breached Microsoft's email system. This disclosure comes just a week after Microsoft reported a similar intrusion, putting the spotlight back on this notorious hacking group.

HPE's cloud-based email system was the primary target, with the breach initiating in May 2023. The hackers successfully accessed and extracted data from a small yet significant fraction of HPE mailboxes. These mailboxes belonged to key personnel in cybersecurity, go-to-market, business segments, and other critical functions within the company. Fortunately, HPE has stated that these breaches have not had a material impact on the company so far.

The hacking group behind these attacks is the same one that executed the infamous SolarWinds hack in 2020. Both the U.S. Cybersecurity and Infrastructure Security Agency and Microsoft have previously identified this group as being connected to the Russian foreign intelligence service SVR.

HPE's situation underscores a critical reality in today’s digital landscape – no organization, no matter how sophisticated, is immune to cybersecurity threats. With recent U.S. Securities and Exchange Commission rules mandating companies to disclose material cybersecurity incidents, the need for robust digital defenses has never been more evident.

As the investigation continues, HPE is closely working with law enforcement and will provide necessary regulatory notifications. This incident serves as a reminder of the escalating cyber threats in the global digital arena, especially from state-sponsored actors.

Request A Quote: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your quote for KnowBe4's security awareness training and simulated phishing platform and find out how affordable this is!

Get A Quote Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: Russia

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews