An attack on Microsoft by Russian hackers revealed additional repercussions not initially disclosed, as the tech giant notifies more individuals of compromised emails. Bloomberg reports that a group known as Midnight Blizzard or Nobelium, linked to the 2020 SolarWinds hack, orchestrated the attack. The US government has previously associated Midnight Blizzard with the Russian Foreign Intelligence Service.

Initially, Microsoft informed certain individuals that their emails were accessed, but the company is now providing more specific details to affected parties. A Microsoft spokesperson stated, “This week we are continuing notifications to customers who corresponded with Microsoft corporate email accounts that were exfiltrated by the Midnight Blizzard threat actor, and we are providing the customers the email correspondence that was accessed by this actor. This is increased detail for customers who have already been notified and also includes new notifications.” Microsoft is using email notifications to inform customers, although there were initial concerns that the notifications were a phishing scam.

Microsoft first disclosed the hack in January, attributing the breach to a password spray attack that allowed the group to access “a very small percentage of Microsoft corporate email accounts” in late 2023. Among the compromised accounts were those belonging to senior leadership, cybersecurity, and legal teams.

While Microsoft initially denied that vulnerabilities in its systems were responsible for the breach and vowed to enhance security, the US government has taken a stricter stance against the tech giant. A report from the Cyber Safety Review Board in March found Microsoft’s “security culture was inadequate and requires an overhaul.” In April, the US Cybersecurity and Infrastructure Security Agency (CISA) issued a directive mandating federal agencies to assess compromised emails and secure Microsoft cloud accounts, among other precautions. Impacted agencies were required to provide regular updates on the measures taken to mitigate the risk posed by the breach.

The incident underscores the ongoing threat posed by state-sponsored hacking groups and the importance of strengthening cybersecurity measures to safeguard sensitive information. Microsoft’s response to the breach, including enhanced notifications and security improvements, reflects the company’s commitment to addressing security vulnerabilities and protecting user data.

As the investigation into the Russian hacker attack on Microsoft continues, stakeholders will be closely watching for further developments and efforts to prevent similar breaches in the future. The incident serves as a reminder of the ever-evolving nature of cyber threats and the critical need for organizations to remain vigilant in safeguarding their digital assets against malicious actors.

Lidhja e burimit