HPE hacked by same Russian intelligence group that hit Microsoft
Antonio Neri, president and CEO of Hewlett Packard Enterprise, speaks during the HPE Discover CIO Summit in Las Vegas on June 19, 2018.
Bloomberg | Bloomberg | Getty Images
Hewlett Packard Enterprise said Wednesday that its cloud-based email system was compromised by the Russian state-sponsored hacking group known as Midnight Blizzard or Cozy Bear.
The enterprise tech giant revealed the hack in a regulatory filing, saying it was notified in December 2023 that “the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions.”
HPE said it is still investigating the hack, which it believes was related to another incident that occurred in June 2023. During that event, the hackers managed to compromise “a limited number of SharePoint files as early as May 2023,” HPE wrote in the filing.
“Following the notice in June, we immediately investigated with the assistance of external cybersecurity experts and took containment and remediation measures intended to eradicate the activity,” the company wrote. “Upon undertaking such actions, we determined that such activity did not materially impact the Company.”
HPE said it is working with law enforcement and will provide regulatory notifications if required as the investigation proceeds. So far, HPE said the hack “has not had a material impact” and that it “has not determined the incident is reasonably likely to materially impact” its financial health or operations.
Earlier in January, Microsoft said the hacking group, which is also referred to as Nobelium or APT29, compromised some of the email accounts of its high-ranking executives. In 2020, the same Russian intelligence-linked hacking group also conducted the infamous breach of government supplier SolarWinds.
Both the U.S. Cybersecurity and Infrastructure Security Agency and Microsoft have previously linked the state-sponsored hacking group with the Russian foreign intelligence service SVR.
Microsoft and HPE’s disclosure of their respective breaches by the Russian-linked hacking group follows newly enacted U.S. Securities and Exchange Commission rules requiring companies to disclose material cybersecurity incidents.
HPE shares were flat in after-hours trading Wednesday at $15.76.
Watch: Microsoft hack could’ve been the start of a “pretty significant campaign.”
Don’t miss these stories from CNBC PRO:
An electric air taxi by Joby Aviation flies near the Downtown Manhattan Heliport in Manhattan, New York City, U.S., November 12, 2023.
Roselle Chen | Reuters
Air taxi maker Joby Aviation in a new lawsuit accused competitor Archer Aviation of using stolen information by a former employee to “one-up” a partnership deal with a real estate developer.
“This is corporate espionage, planned and premeditated,” Joby said in the lawsuit filed Wednesday in a California Superior Court in Santa Cruz, where the company is based.
Archer and Joby did not immediately respond to CNBC’s request for comment.
The lawsuit alleges that former U.S. state and local policy lead, George Kivork, downloaded dozens of files and sent some content to his personal email two days before he resigned in July to take a job at Archer, which had recruited him.
By August, Joby said a partner that worked with Kivork said it had been approached by Archer with a “more lucrative deal.” Joby alleges that the eVTOL rival’s understanding of “highly confidential” details helped it leverage negotiations.
Joby also said the developer attempted to terminate the agreement, citing a breach of confidentiality.
Kivork refused to return the files when Joby approached him after conducting an investigation, according to the suit. The company also said Archer denied wrongdoing, and would not disclose how it learned about the terms of the agreement or provide results from an internal investigation it allegedly undertook.
The lawsuit comes during a busy period for electric vertical takeoff and landing (eVTOL) technology as companies race to gain Federal Aviation Administration certification to start flying commercially. ‘
The sector has also benefitted from President Donald Trump‘s newly minted eVTOL pilot program.
Joby argued in the complaint that it’s “imperative” to protect Joby’s work “from this type of espionage” to promote the sector’s success and ensure fair competition.
Last week, Joby said it completed its first test flight for a hybrid aircraft it’s working on with defense contractor L3Harris. This month, Amazon-backed Beta Technologies, another electric flight company, also went public on the New York Stock Exchange.
Joby shares have more than doubled over the last year, while Archer is up about 68%.
In August 2023, Archer settled a previous legal dispute with Boeing-owned Wisk Aero over the alleged theft of trade secrets. As part of the deal, Archer agreed to use Wisk as its autonomous tech partner.
A hearing is scheduled for March 20, 2026.
Joby and Archer year-to-date stock chart.
-
Sports2 years agoStory injured on diving stop, exits Red Sox game
-
Sports3 years ago‘Storybook stuff’: Inside the night Bryce Harper sent the Phillies to the World Series
-
Sports2 years agoGame 1 of WS least-watched in recorded history
-
Sports3 years agoButton battles heat exhaustion in NASCAR debut
-
Sports3 years agoMLB Rank 2023: Ranking baseball’s top 100 players
-
Sports4 years ago
Team Europe easily wins 4th straight Laver Cup
-
Environment2 years agoJapan and South Korea have a lot at stake in a free and open South China Sea
-
Environment1 year agoHere are the best electric bikes you can buy at every price level in October 2024