The company explains that on November 2, it “ discovered that a key to access data used through Aruba Central’s network analysis and contact tracing functions had been compromised and used by a third party for the purpose of accessing the environment over a period of 18 days, from 9 to 27 October 2021 “.
The company wants to be reassuring:” Only network analysis functions and Aruba Central Contact Tracing who contained personal information were affected by this incident ”.
HPE specifies that none would be“ considered as sensitive personal data ”, although this is obviously quite subjective. These include the IP and MAC addresses, the type of operating system of the device and the host name, “ some user names “, the name of the user’s access point (AP), its proximity and the duration of its connection.
“ At no time was more than 30 days of data stored in the environment because the data network analysis and contact tracing functions of the Aruba Central environment are automatically deleted every 30 days ”. “ Based on an in-depth analysis of access and traffic patterns, the likelihood that your personal data has been accessed is extremely low ”
Finally, “ no sensitive security information has been compromised “, the company therefore believes that there is no need to change passwords, keys or configuration of the network.