Microsoft Employee Emails Hacked by Russia-Linked 'Midnight Blizzard' Group, Company Says

The hacking group doesn't appear to have accessed customers’ systems or Microsoft servers that run outward-facing products, according to Microsoft.

By Dina Bass and Katrina Manson, Bloomberg | Updated: 20 January 2024 12:10 IST

Microsoft Employee Emails Hacked by Russia-Linked 'Midnight Blizzard' Group, Company Says

Photo Credit: Reuters

Microsoft says accounts of senior leadership were also affected in the hack

Highlights

Microsoft employees' emails were recently compromised
The hacking attempt involved a brute force attack on employee accounts
Fixes for older systems targeted in the attack could cause disruption

Microsoft said a Russian-linked hacking group attacked its corporate systems, getting into a “small number” of email accounts, including those of senior leadership and employees who work in cybersecurity and legal. The company said it's acting immediately to fix older systems, which will probably cause some disruption.

The hacking group doesn't appear to have accessed customers' systems or Microsoft servers that run outward-facing products, the software giant said Friday in a blog post. Microsoft also has no evidence the group, named Midnight Blizzard, got into source code or artificial intelligence systems.

“We will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes,” the company said. “This will likely cause some level of disruption.”

Microsoft Announces $20-a-Month Copilot Pro AI Assistant for Small Companies

The group that Microsoft deemed responsible, also known as “Nobelium,” is a sophisticated nation-state hacking group that the US government has tied to Russia. The same group previously breached SolarWinds, a US federal contractor, as part of a massive cyber-espionage effort against US federal agencies.

The company said hackers beginning in November used a “password spray” attack to infiltrate its systems. That technique, sometimes known as a “brute force attack,” typically involves outsiders quickly trying multiple passwords on specific user names in order to try breaching targeted corporate accounts.

In this case, in addition to the accessed accounts, the attackers also took emails and attached documents. Microsoft said it detected the hack on January 12, adding that the company is still notifying employees whose emails were accessed.

Microsoft Pips Apple to Become World's Most Valuable Company

Eric Goldstein, executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency, said government officials are “closely coordinating with Microsoft to gain additional insights into this incident and understand impacts so we can help protect other potential victims.”

Microsoft technology has frequently been the target of major hacking campaigns.

The US Cyber Safety Review Board, which reports to the Department of Homeland Security, is already assessing a 2023 intrusion against Microsoft Exchange Online that the company attributed to China-linked hackers. That breach enabled the hack of senior US officials' email accounts and has prompted growing concerns about cloud computing security. Microsoft said in September it identified five different errors in how its systems that have “been corrected.”

Windows Keyboard Is Getting a New Microsoft AI Copilot Key

In an interview with Bloomberg in 2023 following that breach, Jen Easterly, director of the agency that manages the board, suggested that Microsoft should “recapture the ethos” of what Microsoft co-founder Bill Gates called “trustworthy computing” in 2002, when he instructed employees to focus on security over adding new features.

“I absolutely positively think they have to focus on ensuring their products are both secure by default and secure by design, and we are going to continue to work with them to urge them to do that,” Easterly said of Microsoft.

In November, Microsoft said it was overhauling how it protects its software and systems after a series of high-profile hacks. Now the company said it must pick up the pace on changes, particularly to older systems and products.

“For Microsoft, this incident has highlighted the urgent need to move even faster,” the company said Friday.

Is the Samsung Galaxy Z Flip 5 the best foldable phone you can buy in India right now? We discuss the company's new clamshell-style foldable handset on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.