{"id":522763,"date":"2024-01-25T08:31:20","date_gmt":"2024-01-25T06:31:20","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=522763"},"modified":"2024-01-25T08:37:05","modified_gmt":"2024-01-25T06:37:05","slug":"hp-enterprise-blames-hacking-on-same-russian-group-behind-microsoft-breach","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/522763-hp-enterprise-blames-hacking-on-same-russian-group-behind-microsoft-breach.html","title":{"rendered":"HP Enterprise blames hacking on same Russian group behind Microsoft breach"},"content":{"rendered":"<p>Hewlett Packard Enterprise Co. said a suspected nation-state actor gained unauthorised access to its cloud-based email system, pointing a finger at a group also suspected in a recent Microsoft Corp. hack.<\/p>\n<p>The entity is \u201cbelieved to be the threat actor Midnight Blizzard, the state-sponsored actor also known as Cozy Bear,\u201d HPE said in a regulatory filing on Wednesday.<\/p>\n<p>The company said it was informed on 12 December that a nation-state hacking group had breached the email system and that it accessed and \u201cexfiltrated data\u201d starting in May 2023 from a small percentage of its mailboxes belonging to people who work in cybersecurity and other departments.<\/p>\n<p>HPE believes the breach is likely related to earlier activity by Midnight Blizzard, a hacking group linked to Russia.<\/p>\n<p>In that incident, the company was notified in June 2023 that hackers had gained access and exfiltrated a limited number of SharePoint files as early as the previous month.<\/p>\n<p>HPE and cybersecurity experts investigated the incident and \u201ctook containment and remediation measures intended to eradicate the activity,\u201d the company said in the filing.<\/p>\n<p>The company said the incident hasn\u2019t had a material impact on its operations, as of the time of the filing.<\/p>\n<p>Midnight Blizzard is the same group suspected of a hack Microsoft announced last week.<\/p>\n<p>In that incident, the intruders breached the company in November and were able to steal emails and documents from \u201ca very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions,\u201d according to a statement from Microsoft.<\/p>\n<p>The hackers used a \u201cpassword spray\u201d attack to infiltrate Microsoft\u2019s systems, which involves quickly trying multiple passwords on specific user names in order to try breaching targeted corporate accounts.<\/p>\n<p>Cozy Bear is one of Russia\u2019s most notorious hacking groups, accused of hacking the Democratic National Committee during the 2016 presidential election.<\/p>\n<p>The same group was also blamed for the cyberattack on SolarWinds Corp., a massive cyberespionage effort that was disclosed in 2020, and breached major technology companies and US federal agencies.<\/p>\n<p>The UK and US governments have\u00a0<a href=\"https:\/\/www.ncsc.gov.uk\/news\/uk-and-us-call-out-russia-for-solarwinds-compromise\" target=\"_blank\" rel=\"noopener noreferrer\">said<\/a>\u00a0that the group is affiliated with Russia\u2019s Foreign Intelligence Service, the SVR.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hewlett Packard Enterprise said a suspected nation-state actor gained unauthorised access to its cloud-based email system from May 2023. <\/p>\n","protected":false},"author":341034,"featured_media":522769,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_sma_x_autopost_status":"idle","_sma_x_autopost_error":"","_sma_x_post_id":"","_sma_x_attempts":0,"footnotes":""},"categories":[27],"tags":[92119,72252,15227,37815,123,92117,43794],"class_list":["post-522763","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-cozy-bear","tag-cyberattacks","tag-cybersecurity","tag-hewlett-packard-enterprise","tag-microsoft","tag-midnight-blizzard","tag-russian-hackers"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/522763"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341034"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=522763"}],"version-history":[{"count":0,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/522763\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/522769"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=522763"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=522763"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=522763"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}