Microsoft claims that a state-sponsored Russian hacking outfit gained access to senior executives’ email accounts
Microsoft stated that it is now informing staff members whose email accounts were compromised by a Russian hacking outfit.
Senior executives’ email accounts were compromised by a Russian hacker gang, Microsoft revealed in a regulatory filing on Friday afternoon.
“The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access,” said in a blog post by the Microsoft Security Response Center.
Notably, Nobelium is the same organization that caused the infamous SolarWinds hack in 2020.
According to the blog post, hackers were able to access «a very small percentage of Microsoft corporate email accounts,» including those of the company’s top leadership team and staff workers working in its legal and cybersecurity departments.
The business reported that certain emails and the papers they were attached to were compromised by hackers; nevertheless, the initial analysis suggests that the attackers were only looking for information about Midnight Blizzard. This is similar to what the same outfit did in 2020 when it penetrated US agencies using modified software created by SolarWinds and then tried to monitor how the US government was reacting to its incursions.
According to Microsoft, employees whose email was accessed are being notified. According to Microsoft, there is currently no proof that the hackers obtained access to client environments or artificial intelligence systems.
Cybersecurity and Infrastructure Security Agency for comment on the incident on Friday, they did not answer right away. Microsoft turned down our request for more information.
«The FBI is aware of the incident and we are diligently working with our federal partners to provide assistance,» the FBI said in an email to CNN. As usual, we advise anyone who has been harmed by a cyber incident to get in touch with their local FBI field office.