HPE claims that Aruba's client data has been corrupted as a result of a data breach

HPE has stated that a "small sample" of customer data was stolen in a data breach involving its subsidiary Aruba Networks, a network equipment manufacturer.

According to a statement from the company's IT behemoth, an unauthorized user used a private key to access client data contained in the Aruba Central cloud. HPE did not disclose how the hacker obtained the private key, but it stated that the key provided access to cloud servers in different countries where customer data was stored.

In 2015, HPE paid $ 3 billion in cash for Aruba Networks. Aruba sells networking equipment, such as wireless access points, and network security to businesses. Companies can centrally monitor and control their Wi-Fi networks using Aruba Central, the company's dashboard.

HPE claims that Wi-Fi data captured in Aruba Central was hacked. According to HPE, two sets of data were exposed: one for network analysis including information about devices accessing a customer's Wi-Fi network, and a second data set containing position data about network devices. HPE did not provide any information regarding the granularity of the exposed location data, but stated that the data "may allow the wide proximity to a user's location to be detected."

The information specifically includes device specifications such as MAC and IP addresses, the device hostname and operating system, and, in some circumstances, the username of the individual using a Wi-Fi network. Customers choose their usernames, according to HPE, but they can include a user's name or email address.

Even worse, despite the fact that the data was distorted and encrypted, the company said that the private key was authorized to use the decryption key; it was unclear whether the data was eventually decrypted. According to HPE, only a "very small amount, if any" of data was likely to be filtered out. The company also stated that it was unclear which specific customers or files were taken because it does not save logs of individual file access.

According to the statement, the hacker used the key for the first time on October 9, but HPE did not notice the incident until November 2. HPE automatically deletes data from its cloud servers every 30 days, which means that the amount of affected data was limited to protocols dated 10 September.