In December last year, the American IT company Hewlett Packard Enterprise was attacked by a hacker group associated with Russian intelligence.

According to documents filed by HP Enterprise with the US Securities and Exchange Commission, the Midnight Blizzard group, also known as Cozy Bear, is the same group that recently hacked the email accounts of several top executives and other Microsoft employees. Hackers are also credited with an attack on SolarWinds software that affected multiple US government agencies (including the Treasury Department and the Department of Homeland Security), as well as an attempt to steal COVID-19 vaccine research in the US, UK and Canada in 2020.

According to a statement from HP Enterprise, the company became aware that attackers had gained access to its cloud-based email environment on December 12, 2023. According to an investigation by outside cybersecurity experts, hackers were able to steal data from a “small percentage” of employee accounts, including those working in the cybersecurity division.

HPE did not say exactly what data was involved, but it believes the incident is related to another breach that occurred in May 2023, when attackers obtained a “limited number of files” from SharePoint, the Microsoft 365 document management and collaboration platform.

HP Enterprise representative Adam R. Bauer said the company could not say whether the incident was related to the Microsoft data breach. He also noted that “the total number of accounts and emails that were accessed is still being determined.” Preliminary data from the investigation showed that the attack did not affect the operations of HP Enterprise, but the company is still investigating the incident and cooperating with law enforcement authorities.

Source: Engadget