Microsoft revealed on Friday that a Russian hacking group managed to breach the email accounts of some senior leaders within the company. The cybersecurity team at Microsoft detected the attack, which was carried out by a nation-state actor known as Midnight Blizzard, on January 12, 2024. This same group was responsible for the infamous SolarWinds breach in 2020.
According to a blog post by the Microsoft Security Response Center, the hackers were able to access a small percentage of corporate email accounts, including those belonging to senior leadership and employees in the cybersecurity and legal departments. The attackers were able to extract some emails and documents, but Microsoft believes they were specifically targeting information related to Midnight Blizzard.
The breach, which began in late November 2023, was initiated through a “password spray attack,” where hackers attempt to access multiple accounts using commonly known passwords. Microsoft clarified that there is currently no evidence to suggest that the hackers gained access to customer environments or AI systems.
In response to the breach, Microsoft is in the process of notifying employees whose emails were compromised. The company is also working closely with law enforcement and regulators to investigate the incident further. Microsoft has pledged to share more information publicly as the investigation unfolds.
This recent attack underscores the ongoing threat posed by well-resourced nation-state actors like Midnight Blizzard. Microsoft’s systems have been the target of multiple high-profile hacking attempts in recent years, highlighting the importance of robust cybersecurity measures.
The Cybersecurity and Infrastructure Security Agency has not yet provided a comment on the hack, and Microsoft has declined to offer any additional statements. The FBI, however, has acknowledged the incident and is working with federal partners to provide assistance. They urge any victims of cyber incidents to contact their local FBI field office.
As the situation continues to develop, Microsoft will remain vigilant in protecting its systems and information from future cyber threats. This story will be updated with any new developments as they arise.