The Breach That Shook the Tech World

Hewlett Packard Enterprise (HPE) has started notifying individuals whose personal information was stolen during a 2023 cyberattack, which the company has attributed to Russian government hackers. This breach, a stark reminder of the vulnerabilities in even the most secure systems, has sent shockwaves through the tech industry.

What We Know So Far

According to TechCrunch’s review of breach notices filed with at least two U.S. state attorneys general, HPE has notified more than a dozen individuals whose data was compromised. The stolen data includes:

• Social Security numbers
• Driver’s license information
• Credit card numbers

“The accessed data was limited to information contained in the users’ mailboxes,” said HPE spokesperson Adam R. Bauer.

Adam R. Bauer, HPE Spokesperson

The Intrusion: A Closer Look

The breach began in May 2023, when hackers infiltrated HPE’s email mailboxes and SharePoint systems. These systems, hosted by Microsoft, are crucial for internal communications and data sharing. The hackers used a compromised account to access internal HPE email boxes in the Office 365 email environment.

Who Was Affected?

The stolen mailbox data predominantly belonged to individuals in HPE’s cybersecurity, go-to-market, and business teams. While HPE has not disclosed the total number of individuals affected, the breach also impacted a small number of customers whose information was contained in the emails.

Midnight Blizzard: The Culprit

HPE has attributed the hack to a group known as Midnight Blizzard, which security researchers link to Russia’s foreign intelligence service, the SVR. This group, also known as APT29 and Cozy Bear, has a notorious history, including the 2019 SolarWinds espionage campaign targeting the federal government.

“Midnight Blizzard has been linked to a number of high-profile attacks, including the 2019 SolarWinds espionage campaign,” said a security researcher.

Security Researcher

Microsoft Also in the Crosshairs

In January 2024, Microsoft confirmed that its corporate network was also compromised by Midnight Blizzard. The Russian hackers targeted the email accounts of corporate executives and senior staff in cybersecurity, likely in an effort to gather intelligence on the hackers themselves.

What’s Next?

As HPE continues to notify affected individuals, the tech giant is working to bolster its cybersecurity measures. This breach serves as a stark reminder of the ever-present threat of cyberattacks and the importance of robust security protocols.

Conclusion: Stay Vigilant

In a world where cyber threats are increasingly sophisticated, staying vigilant is more important than ever. HPE’s breach is a wake-up call for all organizations to reassess their cybersecurity strategies and ensure they are prepared to defend against the next wave of attacks.