Microsoft said on Friday evening that a Russian hacking group gained access to Microsoft’s email system and entered the accounts of senior executives.
Microsoft believes the Russian state-sponsored group Midnight Blizzard, also known as Nobleum, was responsible for the hack.
“To date, there is no evidence that the threat actor has access to customer environments, production systems, source code, or AI systems. We will notify customers if action is needed,” Microsoft’s Security Response Center said in a blog post. Friday.
Hackers gained a foothold on one account
The attack began in November last year, with hackers bombarding a certain (possibly old) account with potential passwords.
They used the account permissions “to access a very small percentage of Microsoft email accounts, including members of our senior leadership team and employees in cybersecurity, legal, and other functions.”
The company said hackers could view and download some attached emails and documents.
Microsoft’s security team discovered the latest attack on January 12, triggering defenses that prevented further access by hackers.
Midnight Blizzard is known as the “Cyber Actor”
Microsoft says the hackers appear to be looking for information about Midnight Blizzard itself.
The US National Intelligence Agency considers Midnight Blizzard to be a “cyber” representative of Russia’s foreign intelligence service.
The group was behind the so-called SolarWinds hack in 2020, a massive hack of US government agencies and companies.
lo/dj (AFP, AFP)