Microsoft (MSFT) said Friday a Russian state-sponsored group launched an attack on the tech giant’s network.
X
The attack was detected January 12 by Microsoft’s security team which “immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access,” the company said in a blog post.
Microsoft identified the culprit as Midnight Blizzard, a “Russian state-sponsored actor also known as Nobelium.”
“Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold,” Microsoft said.
Midnight Blizzard was able to “access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents,” the company said.
Microsoft said the breach “was not the result of a vulnerability in Microsoft products or services.”
In reporting the attack, Microsoft noted last year’s launch of its Secure Future Initiative, saying, “Given the reality of threat actors that are resourced and funded by nation states, we are shifting the balance we need to strike between security and business risk – the traditional sort of calculus is simply no longer sufficient. This incident has highlighted the urgent need to move even faster.”
The software behemoth has been working to boost its cybersecurity business, even as it grappled with what’s been described as a sketchy record on security.
YOU MAY ALSO LIKE
