On January 24, 2024, Hewlett Packard Enterprise Company (“Hewlett Packard”; “HPE”) filed a notice of data breach with the Securities and Exchange Commission after discovering that an unauthorized actor gained access to the company’s cloud-based email system. In this notice, HPE explains that, as a result of the incident, an unauthorized party may have exfiltrated sensitive data from the company’s email environment. HPE is still in the process of investigating the incident; however, if HPE confirms that confidential customer or employee information was compromised, it will be required to send out data breach notification letters to all individuals whose information was affected.
If you receive a data breach notification from Hewlett Packard, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following a possible Hewlett Packard data breach. For more information, please see our recent piece on the topic here.
Was There a Hewlett Packard Data Breach?
It’s too early to determine if there was a Hewlett Packard data breach, as the company only recently announced that it was the victim of a cyberattack. However, HPE’s filing with the Securities and Exchange Commission provides some important information on what led up to the breach.
According to this source, on December 12, 2023, HPE was notified that an unauthorized actor, potentially affiliated with a nation-state, had gained access to the company’s cloud-based email environment. In response, HPE enlisted the help of cybersecurity experts to investigate, contain and remediate the incident. Shortly after HPE’s discovery, all unauthorized access was terminated.
While the HPE investigation is ongoing, the company explains that the incident likely involves previous unauthorized access, which dated back to June 2023. Evidently, hackers were able to exfiltrate data from a limited number of HPE SharePoint files as early as 2023. After receiving notice of this incident back in June 2023, HPE conducted an investigation and determined that it did not materially impact HPE. The HPE investigation remains ongoing, but it appears at least possible that hackers were able to obtain certain data from HPE’s email environment.
On January 24, 2024, Hewlett Packard filed a notice with the SEC. If HPE’s investigation confirms that an unauthorized actor was able to access confidential data in the company’s possession, it will be required to send data breach letters to anyone who was affected. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Hewlett Packard Enterprises
Hewlett Packard Enterprises is a business services and technology company with its headquarters in Spring, Texas. HPE was founded in 2015 when the old Hewlett-Packard company was split into HPE and HP Inc. HPE provides a range of technology services related to servers, storage, networking, containerization software, and consulting & support. Hewlett Packard Enterprises employs more than 60,000 people and generates approximately $29 million in annual revenue.
