Microsoft says Russian hackers accessed executives' emails
The hacker group believed to responsible for the breach was previously linked to Russia's foreign intelligence agency. Microsoft confirmed that the hackers did not access any customer accounts
A Russian hacking group gained access to Microsoft's corporate email system and accessed the accounts of senior executives, the company said Friday evening.
Microsoft believes the Russian state-sponsored group Midnight Blizzard, also known as Nobelium, was responsible for the hack.
"To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required," Microsoft Security Response Center said in a blog post on Friday.
Hackers gained foothold in one account
The attack began in November last year, with the hackers bombarding a particular "legacy" (likely outdated) account with possible passwords.
They used the account's permissions to "access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions."
The company said that hackers could view and download some emails and attached documents.
Microsoft's security team detected the latest attack on January 12, triggering defenses that blocked further access by the hackers.
Midnight Blizzard known 'cyber actor'
Microsoft says the hackers seemed to seek information about Midnight Blizzard itself.
The US National Intelligence Agency considers Midnight Blizzard a "cyber" actor of the Russian Foreign Intelligence Service.
The group was behind the so-called SolarWinds breach in 2020, a massive hack of US government agencies and corporations.