Microsoft says it was hacked by a Russian state-sponsored group. “To date, there is no evidence that the threat actor had access to customer environments, production systems, source code or AI systems,” the company announced Friday. The hackers gained access to emails from high-ranking managers in the company. The attack began in November and was discovered a week ago.
In addition to emails from management, the attackers also read emails from employees in the areas of cybersecurity and law, it was said. It remained unclear how many accounts were affected. According to Microsoft, it was a “very small percentage.” The group had around 221,000 employees in mid-2023.
According to Microsoft, the hackers got into the email system after cracking the password of an internal test account. The attack was not a result of vulnerabilities in Microsoft’s products or services. There is also no evidence that the attackers had access to customer areas, software source codes or systems with artificial intelligence.
More on the topic: Hacker attacks
Cyber attacks: protection sought
Vulkan Files: According to media reports, Russia is planning global cyber attacks
Hacker attacks: Great Britain accuses Russia of attacking democracy by hackers
Links to Russian spy service
According to Microsoft, a Russian group known as Midnight Blizzard and Nobelium is behind the hack. Microsoft’s threat research team routinely investigates nation-state hackers, and the Midnight Blizzard group breached the company’s systems on January 12th. The hackers “first” looked for information about the group in the emails, it said, citing initial investigation results.
Midnight Blizzard is also known as APT29 or Cozy Bear by cybersecurity researchers and, according to US authorities, is linked to the Russian spy service SVR. The hacker group is best known for its intrusion into the American Democratic National Committee in 2016.
Newsletter © ZEIT ONLINE
The money newsletter
By registering you take the Data protection
to note.
Thank you! We have sent you an email.
Check your mailbox and confirm your newsletter subscription.
At the end of 2023, the British government accused the Russian secret service FSB of interfering in British politics with cyber attacks on politicians, journalists and non-governmental organizations. Russia rejected the allegations.
Microsoft software is used in many companies and government agencies around the world. Depending on the relevance of the information captured, the hack could have far-reaching consequences. Maintenance software from SolarWinds was infected in one of the most serious cyber attacks by suspected Russian hackers in 2020. The attackers used them to gain access to the systems of dozens of companies and authorities. The US Securities and Exchange Commission (SEC) filed a lawsuit against SolarWinds over this attack in October 2023. The authority accused SolarWinds of concealing security risks in its systems from its shareholders.
Microsoft says it was hacked by a Russian state-sponsored group. “To date, there is no evidence that the threat actor had access to customer environments, production systems, source code or AI systems,” the company announced Friday. The hackers gained access to emails from high-ranking managers in the company. The attack began in November and was discovered a week ago.
In addition to emails from management, the attackers also read emails from employees in the areas of cybersecurity and law, it was said. It remained unclear how many accounts were affected. According to Microsoft, it was a “very small percentage.” The group had around 221,000 employees in mid-2023.