Microsoft disclosed on Friday that some of its corporate email accounts were hacked by a Russian-backed group.

The tech company said A blog post that its security team tracked down the Jan. 12 attack and quickly identified the group responsible: Midnight Blizzard, “a Russian state-sponsored actor also known as Nobelium.”

microsoft ap jt 240119 1705701804505 hpMain

In this April 27, 2021 file photo, a sign is shown at the Microsoft corporate campus in Redmond, Wash.

Sepa USA by AP, File

In late November, the group allegedly used a “password spray attack,” where a user uses the same shared password against multiple accounts on the same application, to “spoof a legacy non-production test tenant account.” Compromises can be made and steps can be taken.” Microsoft

The group then used account permissions to gain access to “a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal and other functions.” and exaggerated some of the emails and attached documents,” the company said.

Hackers were allegedly targeting email accounts for information related to Midnight Blizzard, Microsoft said.

Photo: Students at computers in a classroom in an unidentified stock photo.

Microsoft was able to remove the hacker’s access to email accounts on January 13, according to the company. Filing with the SEC.

“To date, there is no evidence that a threat actor had access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required,” The company said.

The company said it is in the process of notifying its affected customers.

The investigation is ongoing.



Source link