Advertisement

Microsoft corporate emails hacked by Russian-backed group, company says

Microsoft corporate emails hacked by Russian-backed group, company says

Microsoft revealed Friday that some of its corporate email accounts were hacked by a Russian-backed group.

The tech company said in a blog post that its security team detected the attack on Jan. 12 and quickly identified the group responsible: Midnight Blizzard, "the Russian state-sponsored actor also known as Nobelium."

PHOTO: In this April 27, 2021, file photo, a sign is shown on the Microsoft corporate campus in Redmond, Wash. (Sipa USA via AP, FILE)
PHOTO: In this April 27, 2021, file photo, a sign is shown on the Microsoft corporate campus in Redmond, Wash. (Sipa USA via AP, FILE)

In late November, the group allegedly used a "password spray attack," where a user uses a single common password against multiple accounts on the same application, to "compromise a legacy non-production test tenant account and gain a foothold," according to Microsoft.

MORE: 9 Russians charged with cyberattacks targeting US companies

The group then "used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents," the company said.

The hackers allegedly were targeting email accounts for information related to Midnight Blizzard, Microsoft said.

PHOTO: Students on computers in a classroom in an undated stock photo.  (STOCK PHOTO/Getty Images)
PHOTO: Students on computers in a classroom in an undated stock photo. (STOCK PHOTO/Getty Images)

Microsoft was able to remove the hacker's access to the email accounts on Jan. 13, according to a company filing with the SEC.

MORE: DOJ charges 2 Russian officers with global hacking campaign targeting US, UK intelligence officials

"To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required," the company said.

The company said it is in the process of informing its affected users.

The investigation is ongoing.

Microsoft corporate emails hacked by Russian-backed group, company says originally appeared on abcnews.go.com