HP Enterprise reports Midnight Blizzard hacked the cybersec team's email accounts

Hewlett Packard Enterprise (HPE) is reporting that Russian state-sponsored hackers, known as Midnight Blizzard (also Cozy Bear, APT29, Nobelium), infiltrated its Microsoft Office 365 email system in May 2023.

The breach was disclosed in a recent SEC filing, involved data exfiltration from the email accounts of HPE's cybersecurity team and other departments.

No details are disclosed about the breached data, impacted individuals or the vector of attack.

The hacker group accessed HPE's SharePoint server in a related incident in May 2023 stealing files. HPE, still investigating the breach with external cybersecurity experts and law enforcement, believes there's no significant operational or financial impact.