Hewlett Packard Enterprise (HPE) is currently investigating a potential data breach after a threat actor, known as IntelBroker, claimed to have stolen data and offered it for sale on a hacking forum. The compromised data allegedly includes CI/CD access, system logs, config files, access tokens, HPE StoreOnce files, and access passwords, along with email services. Although HPE has not found evidence of a new breach, IntelBroker is considered a reputable threat actor previously linked to breaches involving DC Health Link and Volvo Cars. This comes after HPE revealed that the Russia-linked cyberespionage group Midnight Blizzard accessed its Microsoft Office 365 cloud-based email environment, with data compromised since May 2023 and a small percentage of mailboxes affected.
The announcement on BreachForums by IntelBroker detailed the types of data claimed to be stolen and included screenshots of allegedly pilfered HPE credentials. HPE’s ongoing investigation into the potential data breach coincides with its prior revelation that the Midnight Blizzard cyberespionage group gained unauthorized access to its cloud-based email environment. The company became aware of the intrusion in December 2023 and has been working with external cybersecurity experts to investigate and remediate the incident. The compromise, believed to be the work of the same APT group, affected a small percentage of HPE mailboxes, particularly those in cybersecurity, go-to-market, business segments, and other functions, with data exfiltration beginning in May 2023.
The cybersecurity community is closely monitoring the situation, given IntelBroker’s reputation as a credible threat actor. HPE’s response involves enhancing security measures and investigating the overlap between the recent claim of stolen data and the previously disclosed intrusion by Midnight Blizzard. The ongoing investigation seeks to uncover the extent of the breach and the potential impact on HPE and its stakeholders, emphasizing the persistent and evolving nature of cybersecurity threats faced by major technology companies.