.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Know Your Breach: HPE
Feb 14, 2025 8:31:17 AM
The Target: Hewlett Packard Enterprise, an American multinational information technology company.
The Take: A breach notification filing with the state of Massachusetts indicated that Social Security numbers, driver’s license numbers and credit/debit card numbers were compromised in the attack.
The Vector: HPE was notified on Dec. 12, 2023, that a suspected nation-state threat group had breached its Office 365 email environment. An investigation revealed that starting in May 2023, Midnight Blizzard actors accessed emails and pilfered data from mailboxes “belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions.”
As phishing actors continue to explore every potential abuse opportunity on legitimate service providers, novel security gaps constantly threaten to expose users to severe risks. It is essential not to rely solely on email protection solutions, and also scrutinize every email that lands on your inbox, look for inconsistencies, and double-check all claims made in those messages.
