Microsoft: Russians went beyond email spying and resulted in stolen source code

Reading time icon 1 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Key notes

  • Russian hackers (Nobelium) infiltrated Microsoft beyond emails, stealing source code.
  • Microsoft confirms no customer data breach yet, but stolen emails raise concerns.
Microsoft building

Microsoft has disclosed that it has been the target of a nation-state attack, initially detected by its security team on January 12, 2024. The attack, attributed to the Russian state-sponsored group known as Midnight Blizzard or NOBELIUM, involved unauthorized access to the company’s corporate email systems.

According to Microsoft’s blog post, evidence suggests that Midnight Blizzard utilized information obtained from the compromised email systems to gain access to some of the company’s source code repositories and internal systems. However, it’s also been reported that there is no indication that Microsoft-hosted customer-facing systems have been compromised thus far.

The attackers have attempted to leverage various types of secrets, including those exchanged between customers and Microsoft via email. Microsoft has said that it is actively reaching out to affected customers to assist them in taking mitigating measures.

Midnight Blizzard’s tactics have intensified in recent weeks, with an increase in activities such as password spray attacks.

In response to the cyber attack, Microsoft has increased investments in security, improved cross-enterprise coordination, and enhanced monitoring and detection capabilities.

The company remains committed to ongoing investigations into Midnight Blizzard’s activities and pledges to share relevant findings as they evolve.

User forum

0 messages