Key Points
- Microsoft says it discovered this month that Russian state-backed hackers accessed its corporate email system.
- The company says a “very small percentage” of corporate email accounts were accessed in the breach.
- Accounts belonged to Microsoft’s senior leadership team plus employees in cybersecurity, legal, and other functions.
Microsoft says a Russian state-sponsored group hacked into its corporate systems and stole some emails and documents from staff accounts.
The state-sponsored Russian group was able to access “a very small percentage” of Microsoft corporate email accounts, including members of its senior leadership team and employees in its cybersecurity, legal, and other functions, the company said.
Microsoft’s threat research team routinely investigates nation-state hackers such as Russia’s Midnight Blizzard, who they say is linked to the breach.
The breach was discovered on 12 January.
The company said its investigation into the breach indicated the Midnight Blizzard hackers were initially targeting email accounts that had information about themselves.
The software and tech company said the group also known in the cybersecurity industry as Nobelium used a “password spray attack” starting in November 2023 to breach a Microsoft platform.
Hackers use this technique to infiltrate a company’s systems by using the same password across multiple accounts.
Microsoft said hackers used a technique called a “password spray attack”. Source: Getty / Drew Angerer
The Russian Embassy in Washington and Ministry of Foreign Affairs did not immediately respond to a request for comment.
Microsoft said it investigated the incident and disrupted the malicious activity, blocking the threat actor’s access to its systems.
“This attack does highlight the continued risk posed to all organisations from well-resourced nation-state threat actors like Midnight Blizzard,” the company said.
Microsoft said the attack was not the result of a vulnerability in its products or services.
“To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems,” the company said.
——————————————————–