HPE Aruba has confirmed that has suffered an attack on its Aruba Central platform, with which several cybercriminals have managed to access data on devices monitored by the company. Aruba offers network access solutions for large enterprise networks through Aruba Central, a unified, cloud-based network operations and security platform. With it, HPE Aruba customers have more facilities for the deployment and management of wired and wireless network environments, as well as WAN networks.
According to Aruba, an unauthorized individual obtained an access key to the platform, which allowed him to access and view “a limited set of information” stored in Central Aruba. Apparently “the data repositories exposed to the external actor contained information classified as “Customer Personal Data” in the Data Privacy and Security Addendum section, and that is why we are notifying customers about the incident«.
The HPE security team realized there was suspicious activity on the platform and immediately revoked the password that was registering it. They then launched an investigation that confirmed the unauthorized access. According to Aruba, the attacker had access to the data from October 9 to October 27 of this year, when HPE revoked the key.
The company points out that the personal data of clients that the attacker accessed in the repositories that were exposed consist of Media Access Control (MAC) addresses of devices, IP addresses, type of operating system and hostname of the device. In some cases they have also accessed the username. In addition, the data repositories also contained other information, which can be used to extrapolate the surroundings of a user’s location. Yes, lThe exposed data did not contain sensitive information or personal data, as defined by the GDPR. In addition, from HPE they assure that they have no reason to believe that the attackers have taken data from the repositories.