On Friday, Microsoft revealed that the emails of several top executives and other employees were infiltrated by a hacking group affiliated with a Russian intelligence agency. The tech giant added that the attack, detected on January 12, was carried out by a hacking group known as Midnight Blizzard, or Nobelium.
This is the same group blamed for the 2020 SolarWinds cyberattack, which Microsoft and US cybersecurity officials attributed to Russia’s Foreign Intelligence Service (SVR).
In a blog post, Microsoft explained that, beginning in late November 2023, the hackers used a password spray attack to compromise a non-production test tenant account for initial access. They then used the account’s permissions to gain access to a minimal fraction of Microsoft corporate email accounts, including those of senior leadership and staff from the cybersecurity, legal, and other departments. Some emails and attachments were also exported.
While the affected members of the senior leadership were not identified, Microsoft indicated that the initial investigation suggested that the group was searching for information concerning itself. As of now, company officials have found no evidence of customer environments, production systems, source code, or AI systems being accessed.
Although Microsoft insists that the attack didn’t take advantage of any weaknesses in its products or services, it aims to promptly enhance the security of Microsoft-owned legacy systems and internal processes.