Microsoft said Friday that Russian hackers accessed the email accounts of its top executives and “exfiltrated emails and secure attachments,” according to a regulatory filing.
The hackers “gained access to and exfiltrated information from a very small percentage of employee email accounts,” through a password spray attack on “a legacy non-production test tenant account.”
“Microsoft knows the venture actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobeliumm,” the document reads. This actor is also guilty of the SolarWinds cyberattacks in 2020 and has been known through the U. S. government. He is a member of the Russian foreign intelligence organization.
Microsoft says the attack is not the result of a vulnerability in Microsoft products or services, and there is no evidence that hackers had access to customers’ systems, source code, or artificial intelligence systems.
“Given the truth of nation-state-funded and funded threat actors, we are shifting the balance we want to strike between security and the business threat; the classic type of computing is no longer sufficient,” the document says, adding that Microsoft is applying existing security criteria to legacy systems and internal business processes, even if those adjustments are likely to disrupt existing business operations.
This is an ongoing story, please check back later for updates.
Do you have insight to share? Got a tip? Contact Kylie Robison at [email protected], through secure messaging app Signal at 415-735-6829, or via X DM.