![Microsoft Emails were compromised in the recent Russian hack](https://varindia.com/storage/news/2024/07/qS1TM6EeIWJ8UQ5BGTqr1Z5dDPyMRmdwFX30xRjm.webp)
The Russian cyberattack on Microsoft, known as the Midnight Blizzard attack, affected more organizations than previously disclosed. Microsoft has now informed several customers about the compromise.
No further information was shared on the targeted companies or government bodies. Some organizations had already discovered they’d been hacked, while others only learned about the compromise when Microsoft informed them over the past few weeks.
The initial incident revealed significant security flaws at Microsoft, which is among the world’s largest security companies. For example, two-step authentication (2FA/MFA) was not in place for many of its executives, allowing Midnight Blizzard’s password spraying efforts to succeed through simple but intense guesswork and brute-forcing.
Microsoft initially disclosed the intrusion approximately six months ago. Last Thursday, the company informed customers that emails were stolen during the breach. However, the exact dates of the intrusion are still unclear, adding to the complexity of breach detection and response timelines.
This situation has been likened to a Pandora's box for Microsoft, as the full scope and impact of the breach continue to unfold. The hackers not only breached Microsoft's systems and monitored staff inboxes but also managed to steal emails belonging to its customers.
According to sources, in January 2024 Microsoft revealed that the group had compromised the email accounts of some of its senior leadership team. The firm later revealed that Midnight Blizzard used information exfiltrated from its corporate email systems to gain access to source code and internal systems.
The Russian cyberattack, known as Midnight Blizzard, occurred in late November 2023 and primarily targeted Microsoft's corporate leadership, among others. However, it has now been revealed that the hackers also accessed emails belonging to senior members of the US government. The full extent of the attack on other organizations remains unclear.
Since late June, Midnight Blizzard has continued its activities, including compromising the German remote access software provider TeamViewer. This software could potentially serve as another attack vector for the Russian state hackers if compromised.
Midnight Blizzard appears to be aiming for an impact similar to that of the SolarWinds hack of 2020. During that incident, a Russia-linked group compromised SolarWinds' software, leading to the theft of extensive data from US government agencies and companies. The hack also affected organizations in seven other countries.
There are concerns about whether Microsoft's public statements have been fully transparent or whether information has been selectively disclosed to mitigate the impact of the hack. The breadth of the breach is now understood, leading to increased regulatory scrutiny.
The breaches underscore questions about the security of Microsoft's software and systems against foreign threats. This is not the first time Microsoft has faced such challenges; previously, a Chinese hacking group allegedly stole thousands of US government emails.
The Russian government has not responded to these revelations. Microsoft revealed that the hackers targeted cybersecurity researchers investigating the hacking group. While customers who corresponded with affected Microsoft corporate email accounts have been notified, specific details such as the number of impacted customers or the extent of emails stolen remain undisclosed.