Microsoft has announced that its corporate systems were hacked by a Russian state-sponsored group on January 12. The hackers were able to access a small percentage of Microsoft corporate email accounts, including those of senior leadership and employees in cybersecurity and legal departments.
Hackers who allegedly targeted Microsoft
Microsoft's threat research team, responsible for investigating nation-state hackers, says that it identified the group as 'Midnight Blizzard,' believed to be linked to Russia.
'Midnight Blizzard,' also known as APT29, Nobelium, or Cozy Bear, is associated with Russia's SVR spy agency and has previously targeted the Democratic National Committee during the 2016 US election, news agency Reuters reported.
The investigation revealed that the hackers targeted Microsoft to gather information about the group's own operations.
They employed a technique called a 'password spray attack' starting in November 2023. This technique involved using the same compromised password across multiple accounts to infiltrate the company's systems.
What Microsoft has to say
Upon discovering the breach, Microsoft promptly investigated and disrupted the malicious activity, cutting off the hackers' access to its systems. The company clarified that the attack was not the result of any specific vulnerability in its products or services.
"This attack does highlight the continued risk posed to all organizations from well-resourced nation-state threat actors like Midnight Blizzard," the company said.
"To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems," it added.
Microsoft's disclosure comes after a new regulatory requirement by the US Securities and Exchange Commission (SEC) that mandates prompt reporting of cyber incidents by publicly-owned companies. Affected companies must file a report within four business days of discovery, providing details of the breach to the government.
Microsoft products are widely used in the U.S. government, and the company has faced criticism in the past for its security practices.