A Russian hacking group gained access to Microsoft's corporate email system and accessed the accounts of high-ranking executives, the company said on Friday evening.
Microsoft believes the Russian state-sponsored group Midnight Blizzard, also known as Nobelium, was responsible for the hack.
“To date, there is no evidence that the threat actor had access to customer environments, production systems, source code or AI systems. We will notify customers if action is required,” the Microsoft Security Response Center said in a blog post Friday.
What is cyberwar?
This browser does not support the video element.
Hackers have gained a foothold in an account
The attack began in November last year when the hackers bombarded a specific “legacy” account (probably outdated) with possible passwords.
They used the account's permissions to “access a very small percentage of Microsoft company email accounts, including members of our leadership team and employees in our cybersecurity, legal, and other functions.”
The company said hackers were able to view and download some emails and attached documents.
Microsoft's security team discovered the latest attack on January 12 and triggered defenses that blocked further access by the hackers.
Hackers threaten critical infrastructure
This browser does not support the video element.
Midnight Blizzard is known as a “cyber actor”.
According to Microsoft, the hackers were apparently looking for information about Midnight Blizzard itself.
The US National Intelligence Agency considers Midnight Blizzard to be a “cyber” actor of Russian foreign intelligence.
The group was behind the so-called SolarWinds attack in 2020, a massive hacking attack on US government agencies and companies.
lo/dj (AP, AFP)