Microsoft Reports Cyberattack by Russian-Sponsored Hacking Group -- Update
20 January 2024 - 9:42AM
Dow Jones News
By Dean Seal
Microsoft disclosed Friday that it was targeted by a Russian
state-sponsored hacking group that stole information from its
senior leadership team and other employees.
The tech giant detected last week that the threat actor, which
it has identified as the group Midnight Blizzard, had extracted
information from a small percentage of employee email accounts.
Based on a preliminary analysis, those accounts included members of
its senior leadership team and employees in its cybersecurity and
legal teams.
In a blog post, Microsoft said the group used a password spray
attackthat compromised one legacy non-production test tenant
account, then used the account's permissions to gain access to the
Microsoft corporate email accounts starting in late November.
The hackers initially targeted accounts related to Midnight
Blizzard itself, the company said. The owners of the affected
accounts are being notified.
Microsoft was able to remove the intruder's access to the email
accounts on Jan. 13 and is still assessing the impact of the
incident. The company is also investigating the extent of the
incident and working with law enforcement.
The company said it hasn't determined whether the incident is
likely to affect its financial condition or the results of its
operations, but that there hasn't been a material impact on
operations so far.
The intrusion wasn't the result of a vulnerability in Microsoft
products or services, and there is no evidence that the intruders
had any access to customer environments, production systems, source
code, or AI systems, the company said.
Write to Dean Seal at dean.seal@wsj.com
(END) Dow Jones Newswires
January 19, 2024 17:27 ET (22:27 GMT)
Copyright (c) 2024 Dow Jones & Company, Inc.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Oct 2024 to Nov 2024
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Nov 2023 to Nov 2024