Russian hackers launch cyber attack on Microsoft

Hackers breached the accounts of employees in cybersecurity services, legal departments, and other units at Microsoft.

"The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access," Microsoft said.

The hackers' goal was to obtain information about their group, according to the company.

"The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself. We are in the process of notifying employees whose email was accessed," the company stated.

The group exploited an outdated non-production account to infiltrate corporate accounts.

"Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents," Microsoft reported.

The company stated that the attack was not related to vulnerabilities in Microsoft products or services.

"The attack was not the result of a vulnerability in Microsoft products or services. To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required," Microsoft said.

Russian hacker attacks

We also covered the Russian hackers' attacks on Ukraine and Poland through phishing emails.