ALBAWABA, On Jan. 19, Microsoft revealed that it had been the subject of a cyber-attack by the Russian group, Midnight Blizzard, also known as Cozy Bear. Today, Hewlett Packard Enterprise (HPE), a 2015 birthed company after HP’s split, has revealed in a Securities and Exchange Commission (SEC) filing, that it had suffered a similar hack that infiltrated its cloud-based email infrastructure back in Dec. 12 last year by the same threat actor.
HPE says that investigations are still underway alongside external cybersecurity experts, believing that Midnight Blizzard started extracting data as early as May 2023 yet without materialistic impact over the company, yet still trying to determine how many mailboxes where actually targeted and informing related parties.
In a statement by Adam R. Bauer, an HPE spokesperson, to TechCrunch, HPE believes the threat-actor a compromised Office 365 email to reach a limited number of different mailboxes within the enterprise’s network, however Bauer says that “The accessed data is limited to information contained in the users’ mailboxes”, adding that the company does not currently have all the details of the attack on Microsoft, thus unable to link the two together.
Today Hewlett-Packard disclosed to the SEC that they were compromised by APT29 a/k/a/ Cozy Bear a/k/a/ Midnight Blizzard
— vx-underground (@vxunderground) January 24, 2024
Information via @pancak3lullz pic.twitter.com/9HH1WLy6t8
While little information is disclosed at the moment, HPE claims that no damage to its operations or the financial situation of the company, despite taking more than six months to be discovered, no details where shared on whether Midnight Blizzard has accessed or stolen customer data and HPE did not disclose the divisions or seniorities of affected employees’.
