Comment on this storyCommentAdd to your saved storiesSave
The major cloud computing provider spun out of Hewlett-Packard said late Wednesday that it had been hacked by a suspected Russian intelligence team. This is the second such hacker attack on a major US internet company reported this month.
In a filing with the Securities and Exchange Commission, Hewlett Packard Enterprise said it was notified on Jan. 12 of a breach that allowed hackers to steal emails from its cybersecurity employees and several others .
The disclosure follows a similar report Friday from Microsoft, which said in an SEC filing that the company had lost emails from executives as well as security experts. It said the hackers appeared to be looking for information about what Microsoft knew about them.
HPE did not specify how the attack was discovered, but said the intruders first broke into its systems in May 2023, stealing the contents of a “small percentage” of total Office 365 mailboxes, which, among other things, were primarily used for its cybersecurity – and marketing departments.
HPE and Microsoft have numerous government and defense customers and both blamed the breaches on a group linked to the Russian foreign intelligence agency SVR. The group was behind the massive 2020 breach that began with compromised software at SolarWinds and then made its way into the computer systems of SolarWinds customers at nine federal agencies.
“HPE is a massive cloud services provider and, with the recent Juniper acquisition announcement, also a major network player,” said Chris Krebs, chief intelligence officer at security firm SentinelOne and head of cybersecurity at the Department of Homeland Security in the last administration. HPE announced Jan. 9 that it would spend $14 billion to acquire Juniper Networks, a maker of computer networking equipment.
“It's almost like a portfolio game of the SVR to see who's on their trail and maybe look for SolarWinds-like opportunities to compromise different aspects of the supply chain,” Krebs said.
Tech companies' SEC filings follow stricter rules about when hacking incidents must be disclosed. Both companies said they had not determined whether the breach and its consequences would have a “material” impact on their finances, suggesting they filed out of an abundance of caution.
The companies said they are cooperating with law enforcement and continuing the investigation.
U.S. intelligence officials did not immediately respond to a request for comment.