Microsoft disclosed on Friday that some of its corporate email accounts were hacked by a Russian-backed group.
The tech company said A blog post that its security team tracked down the Jan. 12 attack and quickly identified the group responsible: Midnight Blizzard, “a Russian state-sponsored actor also known as Nobelium.”
In late November, the group allegedly used a “password spray attack,” where a user uses the same shared password against multiple accounts on the same application, to “spoof a legacy non-production test tenant account.” Compromises can be made and steps can be taken.” Microsoft
The group then used account permissions to gain access to “a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal and other functions.” and exaggerated some of the emails and attached documents,” the company said.
Hackers were allegedly targeting email accounts for information related to Midnight Blizzard, Microsoft said.
Microsoft was able to remove the hacker’s access to email accounts on January 13, according to the company. Filing with the SEC.
“To date, there is no evidence that a threat actor had access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required,” The company said.
The company said it is in the process of notifying its affected customers.
The investigation is ongoing.