Security News > 2024 > January > HPE: Russian hackers breached its security team’s email accounts

Hewlett Packard Enterprise disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments.

In a new Form 8-K SEC filing, HPE says they were notified on December 12th that the suspected Russian hackers breached their cloud-based email environment in May 2023.

"On December 12, 2023, HPE was notified that a suspected nation-state actor had gained unauthorized access to the company's Office 365 email environment. HPE immediately activated cyber response protocols to begin an investigation, remediate the incident, and eradicate the activity. Through that investigation, which remains ongoing, we determined that this nation-state actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions. We believe the nation-state actor is Midnight Blizzard, also known as Cozy Bear.".

While HPE has not provided any further details, Microsoft recently reported a security breach by Midnight Blizzard that also involved data theft from the company's corporate email accounts, including its leadership team.

Using this access, Midnight Blizzard gained access to corporate email accounts to steal data from Microsoft's senior leadership team and employees in its cybersecurity and legal departments.

Russian hackers stole Microsoft corporate emails in month-long breach.

News URL

https://www.bleepingcomputer.com/news/security/hpe-russian-hackers-breached-its-security-teams-email-accounts/