In 2023, Hewlett Packard Enterprise (HPE) experienced a hack of its cloud email environment by a threat actor known as Midnight Blizzard. This group, believed to be a state-sponsored Russian hacker group, is also responsible for a recent breach of senior Microsoft executive accounts. The incident began in May 2023 and impacted a small percentage of HPE staff email accounts. The compromised email system was a Microsoft Office 365 environment, with the threat actor leveraging a compromised account to access the environment. HPE has stated that the accessed data is limited to information in users’ mailboxes, and they are continuing to investigate the incident and make appropriate notifications. It is unclear if the HPE and Microsoft incidents are connected, but HPE believes that the threat actor appears to be the same. HPE activated its response process immediately upon notification and has since eradicated the activity. The company filed a disclosure with the U.S. Securities and Exchange Commission, stating that the incident has not had a material impact on its operations.
Key Points:
- Hewlett Packard Enterprise’s cloud email environment was compromised by a Russian hacker group known as Midnight Blizzard in 2023
- The group is also responsible for a recent breach of senior Microsoft executive accounts
- The incident impacted a small percentage of HPE staff email accounts and began in May 2023
- The compromised email system was a Microsoft Office 365 environment
- HPE believes that the threat actor appears to be the same as the one responsible for the Microsoft breach
- The data accessed in the HPE breach was limited to information contained in users’ mailboxes
- HPE has activated its response process, eradicated the activity, and is continuing to investigate the incident
- The incident has not had a material impact on HPE’s operations