Stolen Access Key Used to Breach HPE’s Aruba Central

Exploit: Data Breach, Credential Compromise
Company: Hewlett Packard Enterprise (HPE)
Industry: Technology, Manufacturing
Source: https://www.msspalert.com/cybersecurity-breaches-and-attacks/hpe-aruba-central-compromised-heres-what-mssps-need-to-know/

Technology giant Hewlett Packard Enterprise (HPE) has begun to inform users of their Aruba networking unit that their information may have been compromised during a cyberattack that took place in October. On November 2nd HPE discovered the unauthorized use of an Aruba Central access key between October 9-27.

HPE released a statement to the press saying they had “discovered that an access key to data related to the network analytics and contact-tracing features of Aruba Central, our cloud-based network management and monitoring solution, was compromised and used by an external actor to access the environment.”

Along with informing customers, HPE’s security operations team has invoked their data breach incident response plan which also includes the involvement of security, legal and privacy groups. HPE is reassuring Aruba users they do not need to change passwords or network configurations due to the fact that sensitive information was not compromised. However, HPE’s report did mention the compromised data included “identifying device media access control (MAC) addresses, IP addresses, device operating systems type and hostnames, and user names for Wi-FI networks where authentication is used, as well as dates, times, and physical Wi-Fi access points (APs) to which devices connected.” The incident continues to be under investigation and more details are expected to follow.