Microsoft hit by russian hackers: No customer data compromised

The tech giant announced a cyberattack on their information systems occurred on January 12, 2024. This was reportedly executed by overseas entities. The company's security team quickly initiated remedial measures which interrupted the hackers' activity and subsequently enabled them to identify the source of the intrusion. According to Microsoft, the group involved in the breach refers to itself as "Midnight Blizzard" and is likely backed by the Russian Federation.

Microsoft's statement notes that the hackers only penetrated a limited number of the company's corporate email accounts, inclusive of those belonging to executives. Employees from the security and legal departments also had their email accounts compromised. There's no evidence that hackers accessed any customer data or artificial intelligence systems.

The hackers pilfered some emails and attached documents. Upon investigation, it became clear that their primary objective was to discover information about the Midnight Blizzard group itself. They sought to learn how much information about them had been gathered by the tech corporation. This tactic parallels the group's past actions, which include their 2020 assault on the SolarWinds company. Subsequently, they tried to monitor the US government's response to their hacking attempts.

Microsoft disclosed that the hackers secured access to accounts through what's known as "password spraying". This method entails testing large volumes of commonly used passwords across numerous accounts, hoping for a few successful hits. Through this approach, they infiltrated some older accounts, which were subsequently utilized to compromise other accounts.

The company has not shared the exact number of breached accounts or the nature of the compromised information. Microsoft has, however, pledged to implement strategies promptly to forestall any future intrusions of this kind.