Russian hackers stole Microsoft corporate emails in month-long breach

Microsoft has disclosed that several of its corporate email accounts were breached by a Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12, 2024. Microsoft’s internal investigation concluded that the attack was conducted by a group of Russian threat actors associated with Nobelium/APT29 (sometimes known as Midnight Blizzard or Cozy Bear). The software titan said that the threat actors breached their systems in November 2023 by conducting a password spray attack to access a legacy non-production test tenant account. Microsoft says the hackers accessed a “small percentage” of Microsoft’s corporate email accounts for over a month including accounts tied to the company’s leadership team and employees in the cybersecurity and legal departments. The company speculates that the threat actors were looking for information about their own gang.

The fact that the hackers were able to gain access to the account using a brute force attack indicates it was not protected with two-factor authentication (2FA) or multi-factor authentication (MFA), a security practice that Microsoft recommends on all types of online accounts.

How It Could Affect Your Business: Even the biggest companies can be brought low by a simple cybersecurity problem.

I Do I.T. to the Rescue: An endpoint detection and response solution can help businesses stop the spread of a cyberattack fast.

https://www.bleepingcomputer.com/news/security/russian-hackers-stole-microsoft-corporate-emails-in-month-long-breach/#google_vignette

Get In Touch

Share On Social Media

Other Recent Blog Articles

Digital Vigilance: Fortifying Your Defenses in the Face of Cyber Threats

February 28, 2024

Welcome to this episode where we plunge deep into the intricate realm of hacking, arming you with indispensable knowledge on the necessary actions to undertake upon uncovering a security breach.…

Read More

Empowering Tech Resilience: Navigating Surge Protection and Uninterruptible Power Supplies with Steve!

February 21, 2024

Greetings and welcome to Breaking Down I.T. with Steve, the ultimate podcast destination where we unravel the intricacies of technology. In this latest episode, we embark on a journey to…

Read More

Understanding Proactive IT Strategies for Small Businesses

February 21, 2024

Proactive IT strategies for small businesses are about staying ahead of problems before they hit. Think of it like this, you wouldn’t wait for a leak to flood your house…

Read More