HP Enterprise discloses hack by suspected state-backed Russian hackers

abcnews.go.com:

Hewlett Packard Enterprise says suspected state-backed Russian hackers broke into its email system and stole data from cybersecurity and other employees

BOSTON — Hewlett Packard Enterprise disclosed Wednesday that suspected state-backed Russian hackers broke into its cloud-based email system and stole data from cybersecurity and other employees.

The provider of information technology products and services said in a Securities and Exchange Commission regulatory filing that it was informed of the intrusion on Jan. 12. It said it believed the hackers were from Cozy Bear, a unit of Russia's SVR foreign intelligence service.

Microsoft reported last week that it also discovered an intrusion of its corporate network on Jan. 12. The Redmond, Washington, tech giant said the breach began in late November and also blamed Cozy Bear. It said the Russian hackers accessed accounts of senior Microsoft executives as well as cybersecurity and legal employees.

Cozy Bear was behind the SolarWinds breach and focuses stealth intelligence-gathering on Western governments, IT service providers and think tanks in the U.S. and Europe.

“Based on our investigation, we now believe that the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” HPE, which is based in Spring, Texas, said in the filing.

Company spokesman Adam R. Bauer, reached by email, would not say who informed HPE of the breach. “We're not sharing that information at this time.” Bauer said the compromised email boxes were running Microsoft software.

In the filing, HPE said the intrusion was «likely related to earlier activity by