Microsoft says Russian state-sponsored hackers trying to breach its systems again

Says it has no evidence that its customer-facing systems had been compromised in the hack


Reuters March 08, 2024

Microsoft said on Friday that Russian state-sponsored hacking group Midnight Blizzard was trying to breach its systems again using information it stole by hacking into the tech giant's corporate emails in January.

In the January attack, the hacking group that is also known as Nobelium had breached Microsoft's corporate email systems and stolen emails and documents from staff accounts.

"In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorised access," the company said in a statement on its blog.

Read more: Microsoft announces principles to foster innovation, competition in AI

That data includes some of its source code repositories and internal systems, Microsoft said.

The company's shares edged lower following the news,

"It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found," it added. "Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures."

In some ways the hackers had become more aggressive in trying to penetrate Microsoft, the company said. For instance the hackers' use of 'password sprays' -- where an attacker uses the same password on multiple accounts in the hope of breaking in -- had increased as much as tenfold compared to their January attack, Microsoft said.

The Russian embassy in Washington has previously not responded to requests for comment on Microsoft's statements about the Midnight Blizzard attack.

Microsoft added that it had no evidence that its customer-facing systems had been compromised in the hack.

COMMENTS

Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ