A hacking group linked to Russian intelligence has accessed the emails of several senior Microsoft executives and other employees. announced friday
Microsoft said it discovered the attack on January 12 and determined that a hacker group known as Midnight Blizzard, or Nobelium, was responsible. It’s the same group behind 2020 SolarWinds cyber attack. Microsoft and US cybersecurity officials Nobelium is part of the Russian Foreign Intelligence Service (SVR).
“Beginning in late November 2023, a threat actor used a password spray attack to compromise and harden an old non-production test tenant account, and then used the account’s permissions to access a very small subset of Microsoft corporate email accounts, including members. did used our senior management team and employees in our cybersecurity, legal and other functions to leak some of the emails and the attached documents,” the company wrote in a blog post.
The company did not specify which members of “senior management” were targeted, but said initial investigations indicated the group was seeking information about itself. There is no evidence that company officials have ever accessed “customer environments, production systems, source code, or AI systems.”
While the company said the attack was “not the result of a vulnerability in Microsoft products or services,” it is taking steps to “immediately” improve the security of “legacy Microsoft-owned systems and internal business processes.” The changes are “likely to cause some level of disruption,” he said.