Data Breach in Aruba Central
HPE has reported the data repositories of its Aruba Central network monitoring platform were compromised, allowing an attacker to access data collected on monitored devices and their locations for 18 days between 9 and 27 October 2021, when HPE revoked the key.
The data included identification of the devices' MAC addresses, IP addresses, the type of device operating systems and host names, and usernames of Wi-Fi networks where authentication is used, as well as dates, times, and the physical Wi-Fi access points (APs) to which the devices were connected.
References:
- arubanetworks.com Aruba Central Security Incident
- 11/11/2021 computerweekly.com HPE’s Aruba networking unit hit by cyber attack
- 10/11/2021 bleepingcomputer.com HPE says hackers breached Aruba Central using stolen access key