Hewlett Packard Enterprises tells SEC it was hacked by Russians - The Washington...
source link: https://www.washingtonpost.com/technology/2024/01/24/hpe-hacking-russia-cybersecurity/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Another provider of cloud services says Russian intelligence hacked it
Hewlett Packard Enterprise announces hack in an SEC filing; Microsoft made a similar filing last week
The major cloud computing provider spun out of Hewlett-Packard said late Wednesday that it had been hacked by a suspected Russian intelligence team, the second such hack of a major U.S. internet company reported this month.
In a filing with the Securities and Exchange Commission, Hewlett Packard Enterprise said it was notified Jan. 12 of a breach that allowed hackers to steal emails from its cybersecurity employees and some others.
The disclosure follows a similar report Friday from Microsoft, which said in an SEC filing that it had lost senior executive emails as well as those of security professionals. It said the hackers appeared to be looking for information on what Microsoft knew about them.
HPE did not say how the attack had been uncovered but said the intruders first entered its systems in May 2023, taking the contents of a “small percentage” of overall Office 365 mailboxes belonging primarily to its cybersecurity and marketing departments, among others.
HPE and Microsoft have large numbers of government and defense customers, and both blamed a group associated with Russia’s SVR foreign intelligence service for the intrusions. The group was behind the massive 2020 breach that began with altered software at SolarWinds and that went on to get inside the computer systems of SolarWinds customers at nine federal agencies.
“HPE is a huge cloud service provider, plus with the recent announcement of the Juniper acquisition a massive networking player,” said Chris Krebs, chief intelligence officer at security company SentinelOne and the head of cybersecurity at the Department of Homeland Security in the last administration. HPE announced Jan. 9 that it would spend $14 billion to acquire Juniper Networks, which designs computer networking equipment.
“It’s almost like a portfolio play by the SVR to see who’s on to them and maybe look for SolarWinds-like opportunities to compromise various aspects of the supply chain,” Krebs said.
The tech companies’ SEC filings come after tightened rules for when hacking incident must be disclosed. Both companies said they had not determined whether the breach and fallout would have a “material” impact on their finances, suggesting that they were filing out of an abundance of caution.
The companies said they were working with law enforcement and continuing to investigate.
U.S. intelligence officials did not immediately respond to a request for comment.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK