Microsoft Email Accounts Hacked by Russian Group
Microsoft disclosed that a Russian government-sponsored hacking group, known as Midnight Blizzard (also referred to as APT29 or Cozy Bear), breached some of the company’s corporate email accounts.
Interestingly, the hackers targeted accounts belonging to Microsoft’s senior leadership team and employees in cybersecurity, legal, and other functions.
The hackers’ motive was unique: they were not after customer data or typical corporate information. Instead, they aimed to find out what Microsoft knows about them. Microsoft’s investigation revealed that the hackers initially targeted email accounts for information related to Midnight Blizzard itself.
The breach was executed using a “password spray attack” against a legacy account, which then allowed access to a small percentage of Microsoft’s corporate email accounts. The exact number of breached accounts and the details of the accessed information remain undisclosed.
In response to this incident, Microsoft emphasized the need to accelerate security measures, particularly for legacy systems and internal business processes. This move might cause some disruption to existing business processes, but the company views it as a necessary step.
APT29, or Cozy Bear, is a notorious Russian hacking group responsible for several high-profile attacks, including those against SolarWinds in 2019 and the Democratic National Committee in 2015.