Hewlett Packard Enterprise has started notifying individuals whose personal information was stolen during a 2023 cyberattack.
HPE has so far notified more than 12 individuals whose data was stolen in a cyberattack, according to a review of TechCrunch's violation notices filed with at least two U.S. Attorney General.
The data that was infringed included Social Security numbers, driver's license information and credit card numbers, according to a submission to the state of Massachusetts.
HPE spokesman Adam R. Bauer did not reply to requests for comment on the violation.
This violation has been linked to intrusion into HPE's email systems and SharePoint environments since May 2023, and refers to Microsoft SharePoint software that allows businesses to build intranet portals. Both were hosted by Microsoft. HPE published the incident in January 2024, confirming that hackers excluded the “minority” content in their email mailboxes and the contents of some SharePoint files.
HPE said that hackers “use a compromised account to access internal HPE mailboxes in an office 365 email environment.” HPE later told regulators that the stolen mailbox data belongs primarily to individuals in HPE's cybersecurity, to-market teams and business teams.
HPE has attributed the hack to a group called Midnight Blizzard, who say security researchers are linking to Russian foreign intelligence agency known as SVR. Midnight Blizzard (also known as APT29) is linked to many well-known attacks, including the 2019 Solar Winds spying campaign targeting the federal government.
Microsoft also confirmed in January 2024 that its corporate network was damaged by a midnight snowstorm. Microsoft said the Russian hackers have targeted corporate executive email accounts and senior staff working in cybersecurity.