Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

Jason Macuray
Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise’s (HPE) cloud email environment to exfiltrate mailbox data.

Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise’s (HPE) cloud email environment to exfiltrate mailbox data.

“The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” the company said in a regulatory filing with the U.S. Securities and Exchange Commission (SEC).

The intrusion has been attributed to the Russian state-sponsored group known as APT29, and which is also tracked under the monikers BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes.

The disclosure arrives days after Microsoft implicated the same threat actor to the breach of its corporate systems in late November 2023 to steal emails and attachments from senior executives and other individuals in the company’s cybersecurity and legal departments.

HPE said it was notified of the incident on December 12, 2023, meaning that the threat actors persisted within its network undetected for more than six months.

It also noted that attack is likely connected to a prior security event, also attributed to APT29, which involved unauthorized access to and exfiltration of a limited number of SharePoint files as early as May 2023. It was alerted of the malicious activity in June 2023.

HPE, however, emphasized that the incident has not had any material impact on its operations to date. The company did not disclose the scale of the attack and the exact email information that was accessed.

APT29, assessed to be part of Russia’s Foreign Intelligence Service (SVR), has been behind some high-profile hacks in recent years, including the 2016 attack on the Democratic National Committee and the 2020 SolarWinds supply chain compromise.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

 The Hacker News 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits

Next Post

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks – Patch ASAP!

Related Posts

Microsoft, OpenAI move to fend off genAI-aided hackers — for now

Of all the potential nightmares about the dangerous effects of generative AI (genAI) tools like OpenAI’s ChatGPT and Microsoft’s Copilot, one is near the top of the list: their use by hackers to craft hard-to-detect malicious code. Even worse is the fear that genAI could help rogue states like Russia, Iran, and North Korea unleash unstoppable cyberattacks against the US and its allies.The bad news: nation states have already begun using genAI to attack the US and its friends. The good news: so far, the attacks haven’t been particularly dangerous or especially effective. Even better news: Microsoft and OpenAI are taking the threat seriously. They’re being transparent about it, openly describing the attacks and sharing what can be done about them.To read this article in full, please click here
Omega Balla
Read More