Russian govt threat actors hacked company's exec emails: Microsoft


New Delhi, Jan 20 (IANS): Microsoft has claimed that about two months ago, Russian state-sponsored threat actors gained access to its corporate networks and obtained emails belonging to executives and certain staff members in its legal and cybersecurity divisions.

The company has identified the threat actor as 'Midnight Blizzard', also known as 'Nobelium'.

Microsoft said that it detected the November 2023 breach on January 12 and later notified employees whose communications were intercepted.

"Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts," Microsoft said in a blogpost on Friday.

"The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself," it added.

The company also disclosed the intrusion in a filing with the US Securities and Exchange Commission (SEC), in which it mentioned that they "were able to remove the threat actor’s access to the email accounts on or about January 13, 2024".

The tech giant is also examining the information accessed to determine the impact of the incident and said that it will continue to investigate the extent of the incident.

"As of the date of this filing, the incident has not had a material impact on the Company’s operations. The Company has not yet determined whether the incident is reasonably likely to materially impact the Company’s financial condition or results of operations," Microsoft said.

In addition, the company noted that this incident has highlighted the urgent need to move even faster and will act immediately to apply the company's current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes.

  

Top Stories


Leave a Comment

Title: Russian govt threat actors hacked company's exec emails: Microsoft



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.