According to a recent report by CNBC, Microsoft finds Russian hacker intelligence group, known as Nobelium or Midnight Blizzard, gained unauthorized access to a small number of the company’s executive email accounts. This cyberattack, detected in January 2024, was carried out by the same group responsible for the 2020 SolarWinds hack. While the incident has not significantly impacted Microsoft’s operations, the company disclosed the breach to comply with new cybersecurity event disclosure regulations.
Microsoft finds Russian hack that affects executive emails
The Russian intelligence group that goes by Midnight Blizzard/Nobelium, gained access to the executive emails of Microsoft through a password spray attack on a legacy non-production test tenant. This initial compromise allowed the group to use the account’s permissions to access a small percentage of Microsoft corporate email accounts, including those of senior leadership team members and employees in cybersecurity, legal, and other functions.
Subsequently, the hackers exfiltrated some emails and attached documents. Microsoft has emphasized that the attack was not the result of a vulnerability in its products, and there is no evidence that the hackers accessed customer environments, production systems, source code, or AI systems. Midnight Blizzard was seeking information about Microsoft and has previously targeted the company.
Microsoft has stated that there is no evidence of the hackers accessing customer environments, production systems, source code, or AI systems. The investigation is ongoing, and the company is in the process of informing the affected users. The breach is seen as a concerning development, given the potential risks associated with state-sponsored attacks during periods of armed conflict, such as Russia’s ongoing war against Ukraine.
Discover more from Microsoft News Now
Subscribe to get the latest posts sent to your email.
