Hewlett Packard Enterprise (HPE) has disclosed that a suspected nation-state actor, identified as the threat actor Midnight Blizzard, also known as Cozy Bear – a state-sponsored entity, has successfully gained unauthorized access to HPE’s cloud-based email environment.
In a new Form 8-K SEC filing, HPE says they were notified on December 12th that the suspected Russian hackers breached their cloud-based email environment in May 2023.
“Based on our investigation, we now believe that the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” reads the SEC filing.
“On December 12, 2023, HPE was notified that a suspected nation-state actor had gained unauthorized access to the company’s Office 365 email environment. HPE immediately activated cyber response protocols to begin an investigation, remediate the incident, and eradicate the activity. Through that investigation, which remains ongoing, we determined that this nation-state actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions. We believe the nation-state actor is Midnight Blizzard, also known as Cozy Bear.
The accessed data is limited to information contained in the users’ mailboxes. We continue to investigate and will make appropriate notifications as required.
Out of an abundance of caution and a desire to comply with the spirit of new regulatory disclosure guidelines, we have filed a form 8-K with the Securities & Exchange Commission to notify that body, and investors, about this incident. That said, there has been no operational impact on our business and, to date, we have not determined that this incident is likely to have a material financial impact.”
HPE said the incident has not had a material impact on the Company’s operations, and the Company has not determined the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.
