Identity, Data Security, Threat Intelligence

Possible HPE breach under investigation

Hewlett Packard Enterprise has launched a probe into a possible data breach after its credentials that were allegedly stolen in a cyberattack were posted by IntelBroker on hacking forums, reports BleepingComputer. While HPE has noted no evidence indicating any breach or extortion attempt, IntelBroker which previously targeted DC Health Link and grocery service Weee! claimed that the exfiltrated data included HPE StoreOnce files and access passwords, as well as system logs, access tokens, config files, and CI/CD access. However, no details were provided regarding the source of the stolen data and the means of compromise. Such HPE data compromise claims by IntelBroker come weeks after the technology giant suspected Russian state-backed threat operation APT29 of being behind the compromise of its Microsoft 365 environment in May. "Through that investigation, which remains ongoing, we determined that this nation-state actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions," said HPE.

Related

Phishing attack compromises LA County Health Services data

Individuals receiving healthcare across Los Angeles had their personal and health data compromised following a successful phishing attack against Los Angeles County Department of Health Services, which is the second largest U.S. public healthcare system, in February, according to BleepingComputer.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.