HPE(HPE) TechCrunch·2025-02-07 15:20Core Points - Hewlett Packard Enterprise (HPE) has begun notifying individuals whose personal information was stolen during a cyberattack attributed to Russian government hackers [1][5] - The breach involved sensitive data such as Social Security numbers, driver's license information, and credit card numbers [2] - The cyberattack began in May 2023, targeting HPE's email systems and SharePoint environments, which are hosted by Microsoft [3] - HPE disclosed that the hackers accessed internal email boxes through a compromised account, primarily affecting individuals in cybersecurity and business teams [4] - The attack is linked to a group known as Midnight Blizzard, associated with Russia's foreign intelligence service, SVR, which has been involved in other significant cyber incidents [5] Data Breach Details - More than a dozen individuals have been notified about the data breach [1] - The breach was publicly disclosed by HPE in January 2024, confirming the exfiltration of a "small number" of email mailboxes and SharePoint files [3] - Microsoft also confirmed that its corporate network was compromised by the same group, indicating a broader threat landscape [5]