Hewlett Packard Enterprise began to inform people whose personal information was stolen during a cyber attack in 2023, which the company blamed the pirates of Russian government.
HPE has so far informed more than a dozen people whose data have been stolen in cyber attacks, according to the TechCrunch examination of the violation notices filed with at least two US prosecutors.
Violed data included social security numbers, driving license information and credit card numbers, according to a file With the state of the Massachusetts.
HPE spokesperson Adam R. Bauer has not returned requests for comments with questions about the violation.
The violation relates to an intrusion starting in May 2023 in messaging systems and SharePoint environments of HPE, referring to Microsoft SharePoint software which allows companies to create intranet portals; Both hosted by Microsoft. HPE publicly disclosed the incident in January 2024, confirming that the hackers exfiltrated the content of a “small number” of its mailbox boxes and certain SharePoint files.
HPE said that the pirates used “a compromise account to access HPE internal messaging boxes in our Office 365 messaging environment”. HPE later told regulators that stolen mailbox data mainly belonged to individuals in cybersecurity, market and trade in HPE teams.
HPE has attributed the hack to a group called Midnight Blizzard, who, according to security researchers, is linked to the foreign intelligence service of Russia, known as SVR. Midnight Blizzard (also known as Apt29) has been linked to a number of high -level attacks, including the solarwinds 2019 spy campaign targeting the federal government
Microsoft also confirmed in January 2024 that his corporate network had been compromised by Midnight Blizzard. Microsoft said that Russian pirates have targeted the messaging accounts of business leaders, as well as senior executives working in cybersecurity, who, according to Microsoft, was probably in an effort to know what the company knows about the hackers -Mee.
