Microsoft Security Breach: Russian Hackers Allegedly Access Email Accounts of Leadership Team Members

Email accounts of leadership team members compromised.

Microsoft's system has been breached by Russian hackers. This was confirmed by the software giant on Friday, Jan. 19, saying that they detected a nation-state attack.

Microsoft Security Breach: Russian Hackers Allegedly Access Email Accounts of Leadership Team Members
A hacker using a laptop computer at the Hacked By Def Con Press Preview during the 2016 Tribeca Film Festival at Spring Studios on April 15, 2016 in New York City. Rob Kim/Getty Images for Tribeca Film Festival

The American tech firm announced that Russian hackers compromised its corporate systems on Jan. 12. Microsoft promised that it already activated its response process.

This means that Microsoft is investigating the security breach, disrupting the cybersecurity attack, mitigating the breach, and preventing hackers from having further access.

Russian Hackers Breach Microsoft's Email System

According to Fortune's latest report, Microsoft identified the hackers as members of the highly-skilled Russian hacking group called Midnight Blizzard.

These malicious actors are also known as Nobelium, the Russian state-sponsored actor behind the SolarWinds security breach.

"As part of our ongoing commitment to responsible transparency as recently affirmed in our Secure Future Initiative (SFI), we are sharing this update," said Microsoft via its official blog post.

Unfortunately, the cybersecurity breach happened in late November 2023. This means that it has been more than a month before Microsoft detected the malicious campaign against its corporate email system.

The software giant confirmed that Russian hackers were able to access the accounts of its leadership team members. Email accounts of cybersecurity employees and legal team staff were also breached.

But, Microsoft claimed that only a "very small percentage" of corporate accounts were compromised. Some emails and attached documents were stolen as well.
Microsoft's spokesperson said that they haven't identified the exact numbers of affected senior leadership email accounts.

"We are in the process of notifying employees whose email was accessed," said the giant tech firm.

The software developer stated that they already removed the hackers' access from compromised accounts around Jan. 13.

How Russian Hackers Breach Microsoft Corporate System

Microsoft Security Breach: Russian Hackers Allegedly Access Email Accounts of Leadership Team Members
A sign outside a building with offices belonging to Microsoft is seen in Chevy Chase, Maryland, January 18, 2023. - Microsoft on January 18, 2023 said it would layoff 10,000 employees in the coming months as the economic downturn continues to punish US tech giants. SAUL LOEB / AFP) (Photo by SAUL LOEB/AFP via Getty Images

The American tech firm clarified that the latest corporate system breach was not a result of a service/product vulnerability. Instead, Russian threat actors used a password spray attack.

This allowed them to compromise a legacy non-production test tenant account, which gave them a foothold. After that, they used the account's permissions to access corporate email accounts.

As of writing, Microsoft said that they haven't found any evidence proving that these Russian hackers had access to customer environments, source code, AI systems, and production systems.

The software giant added that if ever it found evidence, it would immediately notify consumers.

Tags
Microsoft, Russian Hackers
Real Time Analytics