Russian hackers stole Microsoft corporate emails in month-long breach
Microsoft has disclosed that several of its corporate email accounts were breached by a Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12, 2024. Microsoft’s internal investigation concluded that the attack was conducted by a group of Russian threat actors associated with Nobelium/APT29 (sometimes known as Midnight Blizzard or Cozy Bear). The software titan said that the threat actors breached their systems in November 2023 by conducting a password spray attack to access a legacy non-production test tenant account. Microsoft says the hackers accessed a “small percentage” of Microsoft’s corporate email accounts for over a month including accounts tied to the company’s leadership team and employees in the cybersecurity and legal departments. The company speculates that the threat actors were looking for information about their own gang.
The fact that the hackers were able to gain access to the account using a brute force attack indicates it was not protected with two-factor authentication (2FA) or multi-factor authentication (MFA), a security practice that Microsoft recommends on all types of online accounts.
How It Could Affect Your Business: Even the biggest companies can be brought low by a simple cybersecurity problem.
I Do I.T. to the Rescue: An endpoint detection and response solution can help businesses stop the spread of a cyberattack fast.
Get In Touch
Share On Social Media
Other Recent Blog Articles
The Voice on the Phone Isn’t Who You Think It Is: AI Scams Are Coming for Portland Small Businesses
A few years ago, “phishing email” was the scariest phrase in small business IT. Bad spelling, a sketchy link, a fake invoice from “Microsoft Support.” Most of us got pretty…
Your Cybersecurity Is Only as Strong as Your Weakest Vendor
The Nintendo TinyPulse Breach Is a Wake-Up Call for Every Business Nintendo is one of the most recognized brands on the planet. They guard their intellectual property fiercely, have weathered…
Fake IT Workers Are Showing Up at Offices — And They’re After Your Data
Cybercrime has never been more brazen. Ransomware gangs have long relied on phishing emails and malicious software to compromise businesses — but a group known as the Silent Ransom Group has taken…