Discussing this storyCommentAdd to your bookmarked storiesSaveA prominent cloud computing provider stemming from Hewlett-Packard announced on Wednesday that it had experienced a breach by a suspected Russian intelligence team, marking the second such incident involving a major U.S. internet company reported this month. In a Securities and Exchange Commission filing, Hewlett Packard Enterprise stated that it was informed of a breach on January 12, which enabled hackers to pilfer emails from its cybersecurity personnel and others. This disclosure follows a similar report from Microsoft, filed on Friday, which stated that it had lost emails belonging to senior executives and security professionals. The company indicated that the hackers seemed to be seeking information on Microsoft’s knowledge about them. HPE did not disclose how the attack was detected but mentioned that the intruders initially accessed its systems in May 2023 and obtained the contents of a “small percentage” of overall Office 365 mailboxes, primarily belonging to its cybersecurity and marketing departments, among others. Both HPE and Microsoft cater to numerous government and defense clients and have attributed the intrusions to a group linked to Russia’s SVR foreign intelligence service. This group was responsible for the extensive 2020 breach originating from altered software at SolarWinds, which subsequently infiltrated the computer systems of SolarWinds customers at nine federal agencies. Chris Krebs, chief intelligence officer at security company SentinelOne and former head of cybersecurity at the Department of Homeland Security, highlighted the significance of the situation, given HPE’s stature as a major cloud service provider. Krebs referenced HPE’s recent announcement of the acquisition of Juniper Networks for $14 billion, a major player in computer networking equipment, speculating that the SVR was attempting to gauge potential vulnerabilities in the supply chain. This move suggests a measure of caution, as both companies mentioned that they had not determined whether the breach and its aftermath would have a “material” impact on their finances, and indicated that they were cooperating with law enforcement while continuing their investigations. U.S. intelligence officials did not provide an immediate comment in response to these developments.
