Microsoft said on Friday evening that Russian hackers had infiltrated the email accounts of some senior Microsoft officials.
Microsoft said the hackers were members of a group that many in the cybersecurity industry have linked to the Russian spy agency SVR. They apparently sought to spy on some Microsoft employees tracking Russian hackers, and then turned to the email accounts of its senior leadership and legal teams, the company said in a blog post.
The SVR is Russia’s signals intelligence agency, and is comparable in mission to the US National Security Agency. The United States has accused SVR of masterminding the 2020 SolarWinds hacking campaign, considered one of the most successful cyberespionage campaigns against the United States to date.
The company said that in November last year, hackers bombarded a specific account with potential access passwords, then used that account to gain permission to view the email accounts of specific Microsoft employees and download attachments. It was not clear why this account gave the hackers this access.
Microsoft said it discovered the breach last week and does not believe customers or products were affected.
“We are in the process of notifying employees whose email has been accessed,” the post read. “This attack highlights the ongoing risk to all organizations from well-resourced nation-state threat actors.”
The Russian Foreign Ministry did not immediately respond to an email request for comment.