Hewlett Packard Enterprise (HPE) has begun notifying individuals whose personal information was compromised in a significant cyberattack attributed to Russian government hackers. The breach, which occurred in 2023, has raised concerns about data security and the implications of state-sponsored cyber activities.
Key Takeaways
HPE has notified over a dozen individuals affected by the data breach.
The compromised data includes sensitive information such as Social Security numbers and credit card details.
The attack was linked to a group known as Midnight Blizzard, associated with Russia's foreign intelligence service.
Overview Of The Breach
In May 2023, HPE experienced a cyber intrusion that targeted its email systems and SharePoint environments, both hosted by Microsoft. The company publicly disclosed the breach in January 2024, revealing that hackers had accessed a limited number of email mailboxes and SharePoint files.
The breach was characterized by the use of a compromised account, which allowed unauthorized access to internal email boxes within HPE's Office 365 environment. The data primarily belonged to employees in HPE's cybersecurity, go-to-market, and business teams.
Details Of The Compromised Data
The data breach has serious implications for the affected individuals, as it involved the following types of sensitive information:
Social Security Numbers
Driver’s License Information
Credit Card Numbers
HPE has filed breach notices with at least two U.S. state attorneys general, indicating the seriousness of the incident and the company's commitment to transparency.
Attribution To Russian Hackers
HPE attributed the cyberattack to a group known as Midnight Blizzard, also referred to as APT29. This group is believed to be linked to Russia's foreign intelligence service, the SVR. Midnight Blizzard has been implicated in several high-profile cyberattacks, including the notorious SolarWinds espionage campaign in 2019, which targeted U.S. government agencies.
In January 2024, Microsoft confirmed that its corporate network had also been compromised by the same group, indicating a broader threat landscape. The hackers targeted email accounts of corporate executives and senior cybersecurity staff, likely to gather intelligence on the company's knowledge of the hacking activities.
Implications For Data Security
The HPE data breach underscores the ongoing risks associated with cyberattacks, particularly those linked to state-sponsored actors. Organizations must remain vigilant and proactive in their cybersecurity measures to protect sensitive information from such threats.
As HPE continues to notify affected individuals, the incident serves as a reminder of the importance of data security and the potential consequences of cyber intrusions. Companies are urged to enhance their security protocols and educate employees about recognizing and responding to potential threats.
Conclusion
The notification of data breach victims by HPE marks a significant step in addressing the fallout from a serious cyberattack. As the landscape of cybersecurity continues to evolve, organizations must prioritize the protection of sensitive data and remain aware of the tactics employed by malicious actors.
Sources
HPE begins notifying data breach victims after Russian government hack | TechCrunch, TechCrunch.