HPE says Russian Midnight Blizzard hackers hit security team emails

HPE
Image credit: Hewlett Packard Enterprise (Image credit: Hewlett Packard Enterprise)

Russian state-sponsored threat actors known as Midnight Blizzard breached HPE’s IT systems late last year and stole sensitive data from its employees’ email inboxes. 

HPE confirmed the news in a new 8-K submission with the U.S. Securities and Exchange Commission (SEC). As per the filing, the company spotted the attack on December 12 and moved in to investigate and remedy the incident. 

The investigation uncovered that since May 2023, Midnight Blizzard (also known as Cozy Bear, or Nobelium) had access to “a small percentage” of HPE’s cloud-based email inboxes. BleepingComputer reports that HPE uses the Microsoft 365 productivity suite.

No material impact

The inboxes belong to HPE employees working in cybersecurity, go-to-market, business, and other segments. 

HPE further explained that the incident is “likely related” to an earlier attack, of which the company was made aware in June last year. In that attack, Midnight Blizzard was accessing and pulling SharePoint flies from the company. 

That being said, HPE doesn’t believe the attack will have a material impact on the company, or that it will disrupt its operations. 

“Upon undertaking such actions, we determined that such activity did not materially impact the Company,” HPE said in the filing. “As of the date of this filing, the incident has not had a material impact on the Company’s operations, and the Company has not determined the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.”

The police have been notified, HPE concluded, adding it is currently assessing its regulatory notification obligations. 

Nobelium seems to have had a busy end to the year in 2023, as roughly at the same time, it also managed to break into Microsoft. Earlier this week, the Redmond giant announced email accounts belonging to highly-positioned individuals having been breached by the same threat actor. The emails belong to senior leadership, as well as those working in cybersecurity and legal departments.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Closing the cybersecurity skills gap
HPE starts contacting victims of 2023 Russian cyberattack
Russia
Major Russian hacking group shifts focus to US and UK targets
HPE
HPE investigating claims that hacker breached developer environments, source code
A smartphone on a sofa showing the WhatsApp, Telegram and Signal apps
Russian criminal gang Star Blizzard found hitting WhatsApp accounts
China
Microsoft says Chinese Silk Typhoon hackers are targeting cloud and IT apps to steal business data
Data leak
Details of over 15,000 FortiGate devices leaked online, so be on your guard
Latest in Security
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Representational image depecting cybersecurity protection
Cisco smart licensing system sees critical security flaws exploited
Latest in News
Google Pixel 9
The Google Pixel 10 just showed up in Android code – and may come with a useful speed boost
L-mount alliance
Sirui joins L-Mount Alliance to deliver its superb budget lenses for Leica, DJI, Sigma and Panasonic cameras
Security padlock and circuit board to protect data
Trust in digital services around the world sees a massive drop as security worries continue
A Lego Pikachu tail next to a Pebble OS watch and a screenshot of Assassin's Creed Shadow
ICYMI: the week's 7 biggest tech stories from LG's excellent new OLED TV to our Assassin's Creed Shadow review
Samuel and Romy standing very close together in A24's Babygirl movie
Everything new on Max in April 2025, including A24's Babygirl and The Last of Us season 2
An AMD Radeon RX 9070 XT made by Sapphire on a table with its retail packaging
AMD’s secret weapon against Nvidia seems to be stock – way more RX 9070 GPUs are rumored to be hitting shelves than RTX 5000 models