2024-01-22 10:48:54
Microsoft has admitted that some of its corporate email accounts were hacked and data stolen by a Russian state-backed hacker group known as Midnight Blizzard.
The attack was discovered on January 12, and Microsoft’s investigation identified the cybercriminals as a Russian group known as Nobelium or APT29.
The company said cybercriminals breached its system in November 2023. This attack involved collecting a list of possible usernames and then attempting to log in with a specific password. In this particular case, the hackers exploited a test account that was not protected by two-factor authentication (2FA) or multi-factor authentication (MFA), thus not following Microsoft’s recommended security best practices.
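A defender can look for the sign-in pattern described above (one source trying many usernames with very few attempts each, followed by a successful login on an account without MFA). The following is an added example, not code from Microsoft or from the original article; the event layout, account names, addresses, thresholds and the `detect_spray` function are assumptions made for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events (not real logs): (time, source, user, success, mfa_used).
# Sign-in logs do not record the password tried, so the check keys on the shape
# of the activity: one source, many accounts, very few attempts per account.
SAMPLE_EVENTS = [
    ("2024-05-01T02:00:05", "203.0.113.7", "alice", False, False),
    ("2024-05-01T02:01:10", "203.0.113.7", "bob", False, False),
    ("2024-05-01T02:02:30", "203.0.113.7", "carol", False, False),
    ("2024-05-01T02:03:45", "203.0.113.7", "dave", False, False),
    ("2024-05-01T02:05:00", "203.0.113.7", "erin", False, False),
    ("2024-05-01T02:06:20", "203.0.113.7", "frank", False, False),
    ("2024-05-01T02:07:40", "203.0.113.7", "test-svc", True, False),
    # One user mistyping a password repeatedly: many failures, one account.
    ("2024-05-01T09:00:00", "198.51.100.20", "bob", False, False),
    ("2024-05-01T09:00:10", "198.51.100.20", "bob", False, False),
    ("2024-05-01T09:00:20", "198.51.100.20", "bob", False, False),
    ("2024-05-01T09:01:00", "198.51.100.20", "bob", True, True),
    ("2024-05-01T09:30:00", "192.0.2.10", "carol", True, True),
]

def detect_spray(events, min_users=5, max_per_user=2, window=timedelta(hours=1)):
    """Flag sources that fail against many accounts, a few tries each, inside
    one window, and list accounts that signed in from there without MFA."""
    by_source = defaultdict(list)
    for ts, src, user, ok, mfa in events:
        by_source[src].append((datetime.fromisoformat(ts), user, ok, mfa))
    findings = []
    for src, rows in by_source.items():
        rows.sort()
        best, best_start, start = set(), 0, 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1  # slide the window forward
            fails = Counter(u for _, u, ok, _ in rows[start:end + 1] if not ok)
            sprayed = {u for u, n in fails.items() if n <= max_per_user}
            if len(sprayed) > len(best):
                best, best_start = sprayed, start
        if len(best) >= min_users:
            no_mfa = sorted({u for _, u, ok, mfa in rows[best_start:] if ok and not mfa})
            findings.append({"source": src, "accounts_tried": len(best),
                             "no_mfa_logins": no_mfa})
    return findings

if __name__ == "__main__":
    for finding in detect_spray(SAMPLE_EVENTS):
        print(finding)
```

The repeated failures for a single user from 198.51.100.20 are deliberately not flagged, since many attempts against one account is a different pattern from a few attempts against many.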
After gaining access to the test account, cybercriminals were able to access some of Microsoft’s corporate email accounts for more than a month.
Among the hacked accounts were those of Microsoft executives as well as employees of the IT security and legal departments. The hackers stole emails and attachments, but the investigation says they were originally looking for information regarding the group Midnight Blizzard (another name for Nobelium).
Microsoft emphasizes that the intrusion was not caused by a vulnerability in its products and services. The company is still investigating the breach and will provide more details as appropriate. In a statement sent to the SEC, Microsoft wrote that the breach did not have a material impact on its business.
Nobelium, also known as Midnight Blizzard, APT29, and Cozy Bear, is a Russian state-sponsored hacker gang (or rather cybercriminal group, given the methods used) linked to Russia’s Foreign Intelligence Service (SVR).