Another Provider of Cloud Services Says Russian Intelligence Hacked It

Hewlett Packard Enterprise announces hack in an SEC filing; Microsoft made a similar filing last week.

The Washington Post

January 25, 2024

2 Min Read
White cloud with binary data and a locked padlock with a keyhole
Alamy

The major cloud computing provider spun out of Hewlett-Packard said late Wednesday that it had been hacked by a suspected Russian intelligence team, the second such hack of a major U.S. internet company reported this month.

In a filing with the Securities and Exchange Commission, Hewlett Packard Enterprise said it was notified Jan. 12 of a breach that allowed hackers to steal emails from its cybersecurity employees and some others.

The disclosure follows a similar report Friday from Microsoft, which said in an SEC filing that it had lost senior executive emails as well as those of security professionals. It said the hackers appeared to be looking for information on what Microsoft knew about them.

HPE did not say how the attack had been uncovered but said the intruders first entered its systems in May 2023, taking the contents of a “small percentage” of overall Office 365 mailboxes belonging primarily to its cybersecurity and marketing departments, among others.

HPE and Microsoft have large numbers of government and defense customers, and both blamed a group associated with Russia’s SVR foreign intelligence service for the intrusions. The group was behind the massive 2020 breach that began with altered software at SolarWinds and that went on to get inside the computer systems of SolarWinds customers at nine federal agencies.

Related:Cybersecurity Trends and Predictions 2024 From Industry Insiders

“HPE is a huge cloud service provider, plus with the recent announcement of the Juniper acquisition a massive networking player,” said Chris Krebs, chief intelligence officer at security company SentinelOne and the head of cybersecurity at the Department of Homeland Security in the last administration. HPE announced Jan. 9 that it would spend $14 billion to acquire Juniper Networks, which designs computer networking equipment.

“It’s almost like a portfolio play by the SVR to see who’s on to them and maybe look for SolarWinds-like opportunities to compromise various aspects of the supply chain,” Krebs said.

The tech companies’ SEC filings come after tightened rules for when hacking incident must be disclosed. Both companies said they had not determined whether the breach and fallout would have a “material” impact on their finances, suggesting that they were filing out of an abundance of caution.

The companies said they were working with law enforcement and continuing to investigate.

U.S. intelligence officials did not immediately respond to a request for comment.

About the Author

The Washington Post

The latest technology news from The Washington Post.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like