Connect with us

Hi, what are you looking for?

Entertainment

Microsoft Reports Russian Hackers Targeted Emails of Senior Leaders

Russian hackers target emails of Microsoft senior leaders, company says

Microsoft revealed on Friday that a Russian hacking group, identified as Midnight Blizzard or Nobelium, gained unauthorized access to certain email accounts belonging to the company’s senior leaders. The software corporation disclosed the incident in a regulatory filing, stating that it detected a “nation-state attack” on its systems on January 12 and successfully halted the intrusion on January 13.

According to the filing, Nobelium utilized a “password spray attack” in November, a method involving the trial of commonly used passwords, to infiltrate a “legacy” account. Subsequently, the group leveraged the permissions of that compromised account to access a “very small percentage” of corporate email accounts. The affected accounts included those of Microsoft senior leadership, as well as employees in cybersecurity, legal, and other departments.

Microsoft Reports Russian Hackers Targeted Emails of Senior Leaders

Microsoft Reports Russian Hackers Targeted Emails of Senior Leaders (Credits: The Daily Beast)

Microsoft clarified that Nobelium’s primary objective initially appeared to be gathering information about the hacking group itself. There was no indication that the group gained access to customer accounts or AI systems. Microsoft is actively notifying employees whose emails were accessed and will inform customers if any action is necessary on their part.

The company emphasized that the attack did not stem from a vulnerability in its products or services. Instead, it underscored the ongoing risk organizations face from “well-resourced nation-state threat actors” like Nobelium. Notably, Nobelium was also responsible for the high-profile 2020 attack on the software company SolarWinds, targeting various government agencies, including the Pentagon.

Microsoft’s disclosure aligns with new government requirements mandating the disclosure of cybersecurity incidents. Under these regulations, companies must report any cybersecurity incident deemed to have a “material impact,” detailing the extent and nature of the impact. While Microsoft does not believe the attack had a material impact, the company opted to adhere to the spirit of the new rules by making the disclosure.

Click to comment
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

We’re dedicated to providing you the most authenticated news. We’re working to turn our passion for the political industry into a booming online news portal.

You May Also Like

News

In the fiscal year 2022-23, Pakistan’s National Electric Power Regulatory Authority (NEPRA) granted a total of 1,596 net-metering licenses nationwide, collectively amounting to 221.05...

News

Spoilers! The demon Akaza from Kimetsu no Yaiba dies in the eleventh arc of the manga and the one responsible for his death is...

Entertainment

Actress Emma D’Arcy is from the British rebellion. She has only appeared in a small number of movies and TV shows. It might be...

Entertainment

Jennifer Coolidge Is Pregnant: Jennifer Coolidge Audrey Coolidge is a comedian and actress from the United States. Many of her followers are wondering if...