Microsoft says Russian state-sponsored hackers broke into some company emails
Microsoft says Midnight Blizzard, a Russian state-sponsored group, behind attack
Microsoft said Friday it suffered a hack by Russia-affiliated threat actors that affected a "very small percentage" of corporate email accounts.
The Russian state-sponsored Midnight Blizzard hackers got into email accounts of some individuals on Microsoft’s senior leadership team, with some cybersecurity, legal and other workers also impacted, Microsoft said in a blog post.
Microsoft said it "immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access" upon learning of the attack on Jan. 12.
It also notified shareholders of the incident in a filing with the Securities and Exchange Commission (SEC).
MICROSOFT LAUNCHES SUBSCRIPTION-BASED CHATBOT, AI COPILOT PRO FOR $20 A MONTH
The apparent target of the hackers, also called Nobelium, was information about the group. Microsoft said they took some emails and attached documents during the incident.
"The attack was not a result of a vulnerability in Microsoft products or services," the tech giant said. "To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems."
Rather, how they got access was by way of a "legacy non-production test tenant account" via a password spray attack, according to Microsoft.
MICROSOFT CEO SAYS HE'S COMFORTABLE WITH OPENAI'S NONPROFIT BOARD AFTER SAM ALTMAN TURMOIL
The company said it would "act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes."
Microsoft
Microsoft said it was working with law enforcement and had informed regulators about the breach.
Ticker | Security | Last | Change | Change % |
---|---|---|---|---|
MSFT | MICROSOFT CORP. | 415.49 | -2.30 | -0.55% |
It "has not yet determined whether the incident is reasonably likely to materially impact the Company’s financial condition or results of operations," according to Microsoft’s SEC filing.
Just a few days before Microsoft’s report of the attack, Allianz Commercial released a report identifying cyber incidents as 2024’s "top business risk."
MICROSOFT BRIEFLY OVERTAKES APPLE AS WORLD'S MOST VALUABLE COMPANY
Cyber incidents also came in No. 1 in 2023 as the biggest threat to businesses, according to Allianz. Other years in which it ranked most highly out of 10 types of risks included 2022 and 2020.