‘After Microsoft, HPE also became a victim of Russian state hackers’

Hewlett Packard Enterprise says it was hacked by the same Russian hacking group that previously gained access to the email accounts of executives at Microsoft. A ‘small percentage’ of HPE email data was reportedly stolen.

In a report from the U.S. Securities and Exchange Commission it can be read that Midnight Blizzard is believed to have compromised HPE’s cloud-based email system. The hacker group is generally known to be sponsored by the Russian government and is associated, among other things, with the SolarWinds attack several years ago.

HPE is said to have been aware of the breach in its email environment since December 12, 2023. Internal investigations reportedly revealed that Midnight Blizzard “accessed and exfiltrated data” from a “small percentage” of HPE’s email boxes as of May 2023. This would have given the hackers access to, among other things, emails of employees of the cybersecurity department. In the SEC filing, HPE said the breach is likely related to a previous incident that HPE has been aware of since June 2023, in which the Russian hacking collective allegedly gained access to “a number” of SharePoint files.

The hacker collective is said to have recently carried out a password spray attack to gain access to the email accounts of managers at Microsoft. It is not clear whether the attacks on Microsoft and HPE are linked.