HPE Confirms Data Repositories Breach, Sensitive Info Leaks

Share post:

HPE recently confirmed that a threat factor compromised the data repositories for the Aruba company’s central network surveillance platform.

The move allows the threat actor to obtain an “access key” for 18 days from October 9 to October 27, during which time the customer data stored in the Aruba Central area was viewed until HPE revoked the key.

While the corrupted repositories contained two records that included network analytics Aruba Central’s ‘Contract Tracing’ feature, some of the exposed network analysis records contained MAC addresses, IP addresses, operating systems, hostnames, and authenticated Wi-Fi networks that cover a person’s username.

For the contract tracing feature, the exposed record contains the date, time and Wi-Fi access points to which the users were connected.

In order to prevent future incidents, HPE confirmed that the company is working to change the way access keys are protected and stored. In its recent statement to Bleeping Computer, HPE further stated: “We are aware of how the threat actors gained access and have taken steps to prevent it in the future. The access tokens were not tied to our internal systems. Our internal systems were not breached in this incident.”

For more information, read the original story in Bleeping Computer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

UK leads takedown of LockBit ransomware gang’s website

The LockBit ransomware gang’s website has been seized, several news agencies reported late Monday. The Reuters news agency and The Register are carrying stories based on a new splash screen that has appeared on the gang’s website. It says, “This site is now under the control of the National Crime Agency of the UK, working

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways