Topics
Latest
AI
Amazon
Image Credits:Callaghan O’Hare(opens in a new window)/ Getty Images
Apps
Biotech & Health
Climate
Image Credits:Callaghan O’Hare(opens in a new window)/ Getty Images
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
fund-raise
Gadgets
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
societal
Space
Startups
TikTok
Transportation
speculation
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
newssheet
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
get hold of Us
Hewlett Packard Enterprise said on Wednesday that its cloud - found email system was compromise by Midnight Blizzard , a Russia - link up hacking group that recentlybroke into Microsoft ’s corporate web .
In a filingwith the U.S. Securities and Exchange Commission , the go-ahead tech whale pronounce it was notified on December 12 that Midnight Blizzard , also known as APT29 or Cozy Bear , had infract its cloud - based email surroundings .
Midnight Blizzard is a infamous hack group that is wide believed to be shop by the Russian government . The hacker have been link to a number of in high spirits - profile cyberattacks , including the 2016 falling out of the Democratic National Committee and the SolarWinds attack in 2019 .
HPEsaid an inner investigation has since determined that the Russia - backed hacking chemical group “ access and exfiltrated data ” from a “ little percentage ” of HPE mailbox start out in May 2023 . HPE spokesperson Adam R. Bauer tell TechCrunch that the attackers “ leveraged a compromise history to access interior HPE electronic mail boxes in our Office 365 email environs . ”
The party said in its SEC filing that the breach is likely related to an early Midnight Blizzard blast that saw the mathematical group exfiltrate “ a limited number of SharePoint file ” from HPE ’s electronic web in May 2023 , an incident the company learned about in June 2023 .
Bauer said the ship’s company has n’t yet determined how many mailboxes were access but say they predominantly belonged to mortal in HPE ’s cybersecurity , go - to - market , and business teams . “ The accessed data is throttle to selective information contained in the users ’ mailboxes , ” Bauer told TechCrunch . “ We go along to investigate and will make appropriate notifications as ask . ”
news program of the HPE breach derive just days after Microsoft disclosed that Midnight Blizzard hackers had breached some incorporated email accounts , include those of the company ’s “ senior leading squad and employees in our cybersecurity , effectual , and other functions . ” According to the tech behemoth , the hacking group used apassword spray attack — where a bad actor taste the same password on multiple accounts — on a bequest account to accession targeted electronic mail accounts hold information relate to Midnight Blizzard itself .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
It ’s not yet known whether the HPE and Microsoft incidents are linked .
“ We do n’t have the details of the incident that Microsoft see and disclosed last week , so we ’re unable to associate the two at this time , ” Bauer told TechCrunch . He added that HPE does n’t anticipate the incident to have a material wallop on its business .
Hackers breached Microsoft to find out what Microsoft knows about them
