Microsoft Acknowledges Cybersecurity Breach: Employee Emails Compromised by Russia-Linked ‘Midnight Blizzard’ Group, Confirms Company Statement.

Limited Impact: Microsoft Assures No Customer or Server Breach Amidst Employee Email Hacking by ‘Midnight Blizzard’ Group.

Microsoft has confirmed that a Russian-linked hacking group, identified as Midnight Blizzard, targeted its corporate systems, gaining access to a “small number” of email accounts, including those belonging to senior leadership, cybersecurity professionals, and legal staff. In response to the breach, the company is taking immediate action to address vulnerabilities in older systems, anticipating potential disruptions during the remediation process.

Fortunately, Microsoft asserts that the hacking group did not compromise customers’ systems or breach Microsoft servers responsible for running outward-facing products, as stated in a blog post on Friday. The tech giant further clarified that there is no evidence suggesting Midnight Blizzard accessed source code or artificial intelligence systems within the company.

In their statement, Microsoft expressed their commitment to promptly applying current security standards to Microsoft-owned legacy systems and internal business processes. However, the necessary changes may result in some disruption to existing business operations. The company emphasized its dedication to mitigating the impact of the breach and safeguarding its systems against future cyber threats.

The group that Microsoft deemed responsible, also known as “Nobelium,” is a sophisticated nation-state hacking group that the US government has tied to Russia. The same group previously breached SolarWinds, a US federal contractor, as part of a massive cyber-espionage effort against US federal agencies.

The company said hackers beginning in November used a “password spray” attack to infiltrate its systems. That technique, sometimes known as a “brute force attack,” typically involves outsiders quickly trying multiple passwords on specific user names in order to try breaching targeted corporate accounts.

 

 

In this case, in addition to the accessed accounts, the attackers also took emails and attached documents. Microsoft said it detected the hack on January 12, adding that the company is still notifying employees whose emails were accessed.

Eric Goldstein, executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency, said government officials are “closely coordinating with Microsoft to gain additional insights into this incident and understand impacts so we can help protect other potential victims.”

In November, Microsoft said it was overhauling how it protects its software and systems after a series of high-profile hacks. Now the company said it must pick up the pace on changes, particularly to older systems and products.

“For Microsoft, this incident has highlighted the urgent need to move even faster,” the company said Friday.