Microsoft says it was hit by Russian hackers in January

Reading time icon 2 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Key notes

  • Microsoft said it was continuing to investigate the attack and would work with law enforcement and regulators.
  • The attack was not the result of a vulnerability in Microsoft products or services.
russian hackers

Microsoft said it was the target of a cyberattack by a Russian government-backed group in January, the same group that was behind the SolarWinds hack last year.

The company said in a blog post on Friday that it detected the attack on its corporate systems on Jan. 12 and took steps to stop it. Microsoft identified the attackers as Midnight Blizzard, also known as Nobelium, a state-sponsored group that has been linked to the Kremlin.

According to Microsoft, the hackers used a technique called password spraying to breach a non-production test account and then used its access to snoop on a small number of corporate email accounts, including some of its senior executives and staff in its cybersecurity, legal and other departments. The hackers also stole some emails and documents from the accounts.

Microsoft said it was notifying the affected employees and that there was no evidence that the hackers had any access to its customer data, production systems, source code or artificial intelligence systems. The company said it would alert customers if any action was needed.

The attack underscores the persistent threat that nation-state actors pose to organizations, Microsoft said. The company said it was shifting its balance between security and business risk, and that it would apply its current security standards to its legacy systems and internal processes, even if that caused some disruption.

Microsoft said it was continuing to investigate the attack and would work with law enforcement and regulators. The company said it was committed to sharing more information and learnings with the community and would provide additional details as appropriate.

User forum

0 messages