Microsoft Executive Emails Compromised by Russian Intelligence Group, According to Company Reports


A Russian hacking group accessed the email accounts of some of Microsoft’s top executives, according to a regulatory filing released Friday. The breach was identified as a domestic attack by Microsoft’s security team and was discovered on January 12, 2024. The group responsible for the leak was named Midnight Blizzard, a well-known Russian state-backed group also known as Nobelium, the same organization behind the infamous SolarWinds breach in 2020.


Microsoft’s security response includes accelerating investigation processes, deterring crime, reducing attacks, and preventing further infiltration of terrorist threats. The attack targeted a number of Microsoft corporate email accounts belonging to senior executives and employees, particularly in cybersecurity and legal affairs. The hackers managed to access numerous emails and attached files, seeking information regarding Midnight Blizzard.

This case recalls the group’s SolarWinds breach, where they broke into US organizations and monitored the government’s response to their actions. Microsoft confirmed that, based on its preliminary investigation, there was no evidence that the hackers had accessed customer environments or AI. The attack began in November 2023 via a “password spraying attack” aimed at accessing multiple accounts using well-known passwords.

Microsoft has notified affected employees and continues to cooperate with authorities and regulators. The company promised to provide more information to the public as the investigation continues. This leak underscores the potential risk that well-resourced nation-state threats like Midnight Blizzard pose to organizations.

Recent high-profile hacking attacks have focused on Microsoft systems as well as the company’s cybersecurity competitors. The Cybersecurity and Infrastructure Security Agency has not yet responded to the incident. The FBI is aware of the situation and is working with federal partners to provide assistance to victims of cyber incidents, and it encourages them to contact their local FBI offices.

Russian intelligence groups’ access to Microsoft systems has raised concerns, particularly amid the ongoing, state-sponsored conflict between Russia and Ukraine, where disclosing sensitive information has become riskier. The geopolitical context increases the complexity of evolving cybersecurity threats.