An attack on Microsoft by Russian hackers had further implications than initially reported. The tech giant is notifying additional individuals that emails between them and Microsoft were accessed, Bloomberg reports. A group known as Midnight Blizzard or Nobelium orchestrated this attack, along with the 2020 SolarWinds hack. The US government has previously linked Midnight Blizzard to the Russian Foreign Intelligence Service.
Microsoft previously informed some individuals that their emails were viewed, but the company is now sharing specifics. "This week we are continuing notifications to customers who corresponded with Microsoft corporate email accounts that were exfiltrated by the Midnight Blizzard threat actor, and we are providing the customers the email correspondence that was accessed by this actor," a Microsoft spokesperson stated. "This is increased detail for customers who have already been notified and also includes new notifications." Microsoft is making customers aware via email, which initially led to concerns that the notification was a phishing scam.
Microsoft first disclosed the hack in January, stating that a password spray attack gained the group access to "a very small percentage of Microsoft corporate email accounts" in late 2023. Employees with compromised emails included members of the senior leadership, cybersecurity and legal teams.
At the time, Microsoft said vulnerabilities in its systems were not to blame for the attack but that it would be improving security. However, the US government has brought the heat against Microsoft, with a March report from the Cyber Safety Review Board finding the company's "security culture was inadequate and requires an overhaul." In April, the US Cybersecurity and Infrastructure Security Agency (CISA) issued an order requiring federal agencies to analyze hacked emails and secure Microsoft cloud accounts, among other measures. CISA notified all impacted agencies and required them to provide regular updates on the steps taken to thwart this "grave and unacceptable risk."
This article originally appeared on Engadget at https://www.engadget.com/microsoft-reveals-further-emails-compromised-by-russian-hack-130014275.html?src=rss https://www.engadget.com/microsoft-reveals-further-emails-compromised-by-russian-hack-130014275.html?src=rssConnectez-vous pour ajouter un commentaire
Autres messages de ce groupe
The Detroit Police Department has to adopt new rules curbing its reliance on facial recognition technology after the city reached a settlement this week with Robert Williams, a Black man who was wr
NASA and Boeing plan to spend the next few weeks conducting tests on the ground in order to better understand issues with the Starliner spacecraft’s thrusters before giving its crew the go-ahead to
While people who own and sell cryptocurrency have always had to pay taxes on their earnings, a new rule final
FCC Chairwoman Jessica Rosenworcel has drafted a series of letters to nine major telecom c
According to the Prison Policy Institute, the US has a higher incarceration rate per 100,000 people in its popul
