Microsoft Reports Cyber Attack by Russian-Sponsored Hacking Group -- Update
20 January 2024 - 10:25AM
Dow Jones News
By Dean Seal
Microsoft disclosed Friday that it was targeted by a Russian
state-sponsored hacking group that stole information from its
senior leadership team and other employees.
The tech giant detected last week that the threat actor, which
it has identified as the group Midnight Blizzard, had extracted
information from a small percentage of employee email accounts.
Based on a preliminary analysis, those accounts included members of
its senior leadership team and employees in its cybersecurity and
legal teams.
In a blog post, Microsoft said the group used a password spray
attack that compromised one legacy non-production test tenant
account, then used the account's permissions to gain access to the
Microsoft corporate email accounts starting in late November.
The hackers initially targeted accounts related to Midnight
Blizzard itself, the company said. The owners of the affected
accounts are being notified.
Microsoft was able to remove the intruder's access to the email
accounts on Jan. 13 and is still assessing the impact of the
incident. The company is also investigating the extent of the
incident and working with law enforcement.
The company said it hasn't determined whether the incident is
likely to affect its financial condition or the results of its
operations, but that there hasn't been a material impact on
operations so far.
The intrusion wasn't the result of a vulnerability in Microsoft
products or services, and there is no evidence that the intruders
had any access to customer environments, production systems, source
code, or AI systems, the company said.
In a blog post last August, Microsoft said it had detected
Midnight Blizzard, previously known as Nobelium, launching targeted
social engineering attacks that used Microsoft Teams chats to phish
for credentials.
Microsoft's investigation into the group at that time had
uncovered that fewer than 40 unique global organizations had been
affected by Midnight Blizzard's attacks.
The former Nobelium group has been linked by U.S. authorities to
the Foreign Intelligence Service of the Russian Federation and is
known for its involvement in the massive SolarWinds hack of
2020.
Write to Dean Seal at dean.seal@wsj.com
(END) Dow Jones Newswires
January 19, 2024 18:10 ET (23:10 GMT)
Copyright (c) 2024 Dow Jones & Company, Inc.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Oct 2024 to Nov 2024
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Nov 2023 to Nov 2024
