The threat actor is believed to be Midnight Blizzard, also known as Cozy Bear, which was the same group that recently breached the email accounts of several senior executives and other employees at Microsoft. It was also the same hacking group behind the SolarWinds attacks that affected multiple government entities, including the US Treasury Department and Homeland Security.
In its filing, HPE said it was notified on December 12, 2023 that an attacker had gained access to its cloud-based email environment. It worked with external cybersecurity experts that found that the threat actor was able to access and steal data from "a small percentage" of email accounts owned by employees from various divisions, including those in cybersecurity. HPE didn't say what kind of data was stolen, but it believes the incident is related to an earlier security breach that took place in May 2023, wherein the bad actor was able to get away with "a limited number of SharePoint files." SharePoint is a document management and collaborative platform for Microsoft 365.
#hp-enterprise #hacking-group #russian-intelligence #cozy-bear #microsoft-breach #solarwinds-attack #cybersecurity
[
add
]
[
|
|
...
]