Hackers Breached Aruba Central

The Hewlett Packard Enterprise Company, located in Houston, Texas, is an American global enterprise information technology company. HPE was created in San Jose, California, on November 1, 2015, as part of the Hewlett-Packard company’s separation.

HPE has confirmed that data repositories for its Aruba Central network monitoring technology have been hacked, allowing a threat actor to get access to gathered data on monitored devices and their whereabouts.

Aruba Central is a cloud networking platform that lets administrators manage massive networks and components from a single interface.

A threat actor gained an “access key” that allowed them to examine customer data stored in the Aruba Central environment, HPE announced today. Between October 9th, 2021, and October 27th, 2021, when HPE canceled the key, the threat actor had access for 18 days.

The repositories that were exposed contained two datasets, one for network analytics and the other for Aruba Central’s ‘Contract Tracing‘ feature.

Q:  What happened?

A:   HPE/Aruba became aware that an access key which provided access to a limited subset of information held in the Aruba Central cloud environment was used by an unauthorized external actor. The data repositories exposed to the external actor contained information classified as “Customer Personal Data” under

Read More: https://heimdalsecurity.com/blog/hackers-breached-aruba-central/