Hackers with links to the Kremlin are suspected to have infiltrated facts technology corporation Hewlett Packard Enterprise’s (HPE) cloud email natural environment to exfiltrate mailbox information.
“The threat actor accessed and exfiltrated knowledge beginning in May possibly 2023 from a modest percentage of HPE mailboxes belonging to folks in our cybersecurity, go-to-market place, organization segments, and other capabilities,” the enterprise claimed in a regulatory filing with the U.S. Securities and Exchange Commission (SEC).
The intrusion has been attributed to the Russian state-sponsored group recognized as APT29, and which is also tracked beneath the monikers BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (previously Nobelium), and The Dukes.
The disclosure arrives days soon after Microsoft implicated the identical threat actor to the breach of its corporate devices in late November 2023 to steal emails and attachments from senior executives and other people in the firm’s cybersecurity and authorized departments.
HPE claimed it was notified of the incident on December 12, 2023, indicating that the danger actors persisted within just its network undetected for extra than 6 months.
It also noted that attack is probable related to a prior security event, also attributed to APT29, which involved unauthorized access to and exfiltration of a restricted variety of SharePoint files as early as May possibly 2023. It was alerted of the destructive action in June 2023.
HPE, however, emphasised that the incident has not experienced any product impression on its operations to date. The organization did not disclose the scale of the attack and the specific email information and facts that was accessed.
APT29, assessed to be portion of Russia’s Foreign Intelligence Company (SVR), has been guiding some high-profile hacks in new a long time, including the 2016 attack on the Democratic National Committee and the 2020 SolarWinds offer chain compromise.
Discovered this posting intriguing? Abide by us on Twitter and LinkedIn to read through much more special information we article.
Some parts of this article are sourced from:
thehackernews.com