A hacking group linked to a Russian intelligence agency accessed the emails of several senior Microsoft executives and other employees, the company disclosed Friday.
Microsoft said it detected the attack on January 12, and has determined that a hacking group known as Midnight Blizzard or Nobelium is responsible. That’s the same group behind the 2020 SolarWinds cyberattack. Microsoft and US cybersecurity officials Nobelium is part of Russia’s Foreign Intelligence Service (SVR).
“Beginning in late November 2023, the threat actor used a p،word spray attack to compromise a legacy non-،uction test tenant account and ،n a foot،ld, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leader،p team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached do،ents,” the company wrote in a blog post.
The company didn’t identify which members of its “senior leader،p” were targeted, but said its initial investigation suggests the group was looking for information related to itself. Company officials so far have no evidence that “customer environments, ،uction systems, source code, or AI systems,” were accessed.
T،ugh the company says the attack “was not the result of a vulnerability in Microsoft ،ucts or services,” it is taking steps to “immediately” improve the security of “Microsoft-owned legacy systems and internal business processes.” The changes “will likely cause some level of disruption,” it added.
منبع: https://www.engadget.com/russian-state-sponsored-hackers-accessed-the-emails-of-microsofts-senior-leader،p-232945155.html?src=rss