In a Security and Exchange filing, the IT product provider noted that the attack occurred on January 12. They suspect that Russia’s foreign intelligence service ‘Cozy Bear’ was behind the attack.
“Based on our investigation, we now believe that the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” HPE, which is based in Spring, Texas, said in the filing.
HP’s spokesperson, Adam R. Bauer, was contacted through his email, however, he did not make it clear who exactly informed HPE of the breach. “We’re not sharing that information at this time,” Bauer noted the compromised email boxes were running Microsoft software.
In the filing, HPE said the intrusion was “likely related to earlier activity by this threat actor, of which we were notified in June 2023, involving unauthorized access to and exfiltration of a limited number of SharePoint files.” SharePoint is a component of Microsoft’s Office 365 suite, which also contains word processing, spreadsheet, and email tools.
SharePoint is part of Microsoft’s 365 suite, formerly known as Office, which includes email, word-processing and spreadsheet apps.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents