Microsoft reveals a cyber attack by Russian hacking group Midnight Blizzard, the same group behind the 2020 SolarWinds attack.
The breach affected a small percentage of corporate email accounts, targeting senior leadership and cybersecurity teams. The attackers accessed information about themselves, withdrawing emails and attached documents.
Midnight Blizzard launched the attack in late November, utilising a “password spray” tactic.
Breached accounts include senior leadership, cybersecurity, legal teams, and others.
Microsoft detected the threat only last week, but the breach wasn’t due to a vulnerability in Microsoft products or services.
The attackers withdrew some emails and attached documents but didn’t access customer environments, production systems, source code, or AI systems.
Microsoft emphasises the need to enhance cybersecurity measures, planning immediate action to secure legacy systems and internal processes.
