HPE reports data breach caused by 2023 Office 365 hack
Learn More
Hewlett Packard Enterprise (HPE) is reporting a data breach resulting from a cyber attack by the Russian state-sponsored hacking group Cozy Bear. The incident involved unauthorized access to HPE's cloud-based Office 365 email environment and SharePoint server in May 2023, which was discovered when the company received notification on December 12, 2023.
The attack was executed through a compromised account, allowing the threat actors to access and exfiltrate data from employee mailboxes across various departments including cybersecurity, go-to-market, business segments, and other functions. The breach affected mailboxes contained sensitive personal information of employees. Exposed data include:
- Names
- Social Security numbers
- Driver's license numbers
- Credit card numbers
Initial notifications sent to at least 16 individuals whose sensitive information was compromised. HPE has characterized the impact as affecting "a small percentage of HPE mailboxes" and "a limited group of HPE team member mailboxes." but has not disclosed the total number of affected individuals.
The breach notification process began on January 29, 2025,
This incident is part of a series of security challenges faced by HPE, including:
- A 2018 breach by Chinese threat actors
- A 2021 compromise of the Aruba Central network monitoring platform
- Recent investigations in January 2025 regarding potential breaches claimed by a threat actor using the IntelBroker handle
