Current:Home > ContactMicrosoft says state-backed Russian hackers accessed emails of senior leadership team members -FundGuru
Microsoft says state-backed Russian hackers accessed emails of senior leadership team members
View
Date:2025-04-14 15:24:04
BOSTON (AP) — State-backed Russian hackers broke into Microsoft’s corporate email system and accessed the accounts of members of the company’s leadership team, as well as those of employees on its cybersecurity and legal teams, the company said Friday.
In a blog post, Microsoft said the intrusion began in late November and was discovered on Jan. 12. It said the same highly skilled Russian hacking team behind the SolarWinds breach was responsible.
“A very small percentage” of Microsoft corporate accounts were accessed, the company said, and some emails and attached documents were stolen.
A company spokesperson said Microsoft had no immediate comment on which or how many members of its senior leadership had their email accounts breached. In a regulatory filing Friday, Microsoft said it was able to remove the hackers’ access from the compromised accounts on or about Jan. 13.
“We are in the process of notifying employees whose email was accessed,” Microsoft said, adding that its investigation indicates the hackers were initially targeting email accounts for information related to their activities.
The Microsoft disclosure comes a month after a new U.S. Securities and Exchange Commission rule took effect that compels publicly traded companies to disclose breaches that could negatively impact their business. It gives them four days to do so unless they obtain a national-security waiver.
In Friday’s SEC regulatory filing, Microsoft said that “as of the date of this filing, the incident has not had a material impact” on its operations. It added that it has not, however, “determined whether the incident is reasonably likely to materially impact” its finances.
Microsoft, which is based in Redmond, Washington, said the hackers from Russia’s SVR foreign intelligence agency were able to gain access by compromising credentials on a “legacy” test account, suggesting it had outdated code. After gaining a foothold, they used the account’s permissions to access the accounts of the senior leadership team and others. The brute-force attack technique used by the hackers is called “password spraying.”
The threat actor uses a single common password to try to log into multiple accounts. In an August blog post, Microsoft described how its threat-intelligence team discovered that the same Russian hacking team had used the technique to try to steal credentials from at least 40 different global organizations through Microsoft Teams chats.
“The attack was not the result of a vulnerability in Microsoft products or services,” the company said in the blog. “To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required.”
Microsoft calls the hacking unit Midnight Blizzard. Prior to revamping its threat-actor nomenclature last year, it called the group Nobelium. The cybersecurity firm Mandiant, owned by Google, calls the group Cozy Bear.
In a 2021 blog post, Microsoft called the SolarWinds hacking campaign “the most sophisticated nation-state attack in history.” In addition to U.S. government agencies, including the departments of Justice and Treasury, more than 100 private companies and think tanks were compromised, including software and telecommunications providers.
The main focus of the SVR is intelligence-gathering. It primarily targets governments, diplomats, think tanks and IT service providers in the U.S. and Europe.
veryGood! (778)
Related
- Realtor group picks top 10 housing hot spots for 2025: Did your city make the list?
- North Carolina Hurricanes Linked to Increases in Gastrointestinal Illnesses in Marginalized Communities
- Indian Court Rules That Nature Has Legal Status on Par With Humans—and That Humans Are Required to Protect It
- Amber Heard Says She Doesn't Want to Be Crucified as an Actress After Johnny Depp Trial
- 'Malcolm in the Middle’ to return with new episodes featuring Frankie Muniz
- Taylor Swift Jokes About Apparent Stage Malfunction During The Eras Tour Concert
- Has JPMorgan Chase grown too large? A former White House economic adviser weighs in
- This company adopted AI. Here's what happened to its human workers
- How to watch the 'Blue Bloods' Season 14 finale: Final episode premiere date, cast
- California Water Regulators Still Haven’t Considered the Growing Body of Research on the Risks of Oil Field Wastewater
Ranking
- House passes bill to add 66 new federal judgeships, but prospects murky after Biden veto threat
- Bed Bath & the great Beyond: How the home goods giant went bankrupt
- Warming Trends: Carbon-Neutral Concrete, Climate-Altered Menus and Olympic Skiing in Vanuatu
- California Considers ‘Carbon Farming’ As a Potential Climate Solution. Ardent Proponents, and Skeptics, Abound
- All That You Wanted to Know About She’s All That
- Pregnant Kourtney Kardashian Showcases Baby Bump in Elevator Selfie
- Sue Johanson, Sunday Night Sex Show Host, Dead at 93
- Little Big Town to Host First-Ever People's Choice Country Awards
Recommendation
San Francisco names street for Associated Press photographer who captured the iconic Iwo Jima photo
Fox isn't in the apology business. That could cost it a ton of money
Kate Spade 24-Hour Flash Deal: Get This $400 Satchel Bag for Just $89
‘Last Gasp for Coal’ Saw Illinois Plants Crank up Emission-Spewing Production Last Year
Sam Taylor
In the Race for Pennsylvania’s Open U.S. Senate Seat, Candidates from Both Parties Support Fracking and Hardly Mention Climate Change
Feeding Cows Seaweed Reduces Their Methane Emissions, but California Farms Are a Long Way From Scaling Up the Practice
SpaceX wants this supersized rocket to fly. But will investors send it to the Moon?