A naukri.com initiative
Securityaffairs
1M
259
Image Credit: Securityaffairs
HPE is notifying individuals affected by a December 2023 attack
- HPE is notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors.
- The Midnight Blizzard (aka APT29, SVR group, Cozy Bear, Nobelium, BlueBravo, and The Dukes) group along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections.
- HPE investigation revealed that the attackers gained access to the company environment and exfiltrated data since May 2023.
- The IT giant determined that the intrusion is likely linked to another attack conducted by the same APT group, of which they were notified in June 2023.
- HPE emphasized that, as of the filing date, the incident has not significantly affected its operations.
- Microsoft warned that some of its corporate email accounts were compromised by the same Russia-linked group Midnight Blizzard.
- HPE recently confirmed that the incident was contained and remediated, but confirmed that threat actors gained access data from compromised mailboxes.
- With the assistance of e-discovery specialists, HPE conducted a thorough review of the data at issue to identify the types of information that may have been subject to unauthorized access and determine to whom this information relates.
- On February 5, 2025, HPE also notified the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) that Social Security numbers, driver’s license information, and credit or debit card numbers belonging to ten MA Residents were breached.
- At the time of this writing, the company has yet to reveal how many individuals are affected in total.
Read Full Article
15 Likes
For uninterrupted reading, download the app