Russian hackers expose HPE involvement in Microsoft email hack

January 25, 2024
1 min read

In 2023, Hewlett Packard Enterprise (HPE) experienced a hack of its cloud email environment by a threat actor known as Midnight Blizzard. This group, believed to be a state-sponsored Russian hacker group, is also responsible for a recent breach of senior Microsoft executive accounts. The incident began in May 2023 and impacted a small percentage of HPE staff email accounts. The compromised email system was a Microsoft Office 365 environment, with the threat actor leveraging a compromised account to access the environment. HPE has stated that the accessed data is limited to information in users’ mailboxes, and they are continuing to investigate the incident and make appropriate notifications. It is unclear if the HPE and Microsoft incidents are connected, but HPE believes that the threat actor appears to be the same. HPE activated its response process immediately upon notification and has since eradicated the activity. The company filed a disclosure with the U.S. Securities and Exchange Commission, stating that the incident has not had a material impact on its operations.

Key Points:

  • Hewlett Packard Enterprise’s cloud email environment was compromised by a Russian hacker group known as Midnight Blizzard in 2023
  • The group is also responsible for a recent breach of senior Microsoft executive accounts
  • The incident impacted a small percentage of HPE staff email accounts and began in May 2023
  • The compromised email system was a Microsoft Office 365 environment
  • HPE believes that the threat actor appears to be the same as the one responsible for the Microsoft breach
  • The data accessed in the HPE breach was limited to information contained in users’ mailboxes
  • HPE has activated its response process, eradicated the activity, and is continuing to investigate the incident
  • The incident has not had a material impact on HPE’s operations

Latest from Blog

Trust is the secret sauce for cybersecurity success

TLDR: Key Points: Trust between CISOs and top executives is crucial for justifying cybersecurity investments. Five key questions CISOs must ask themselves about their cybersecurity strategy include budget justification, risk reporting, celebrating

Expert opinion on cyber security is a must have

TLDR: Key points from the article: Study shows link between lack of sleep and increased risk of Alzheimer’s disease. Researchers found that poor sleep quality was associated with higher levels of brain