Microsoft warns customers that Russian hackers accessed emails

28 Jun 2024


Microsoft has been the victim of a couple of high-profile breaches over the past year, which has put its cybersecurity practices under scrutiny.

Microsoft is still dealing with the fallout from a cyberattack earlier this year, as it has informed more customers that the hackers managed to access their emails.

The tech giant faced a serious threat at the start of the year when it was attacked by Midnight Blizzard, a group that Microsoft claims is a Russian state-sponsored attacker. Microsoft said this group managed to access Microsoft corporate customer email accounts thanks to a “password spray attack” it began in November 2023.

The company raised further alarm when it said Midnight Blizzard had increased the scale of its password spray attacks by “as much as tenfold” by February 2024. Now, Microsoft has informed more corporate customers that their emails were accessed, according to company statements to both Bloomberg and Reuters.

“This is increased detail for customers who have already been notified and also includes new notifications,” the Microsoft spokesperson told Reuters. “We’re committed to sharing information with our customers as our investigation continues.”

Midnight Blizzard has gone by many names over the years. It is also known as APT29, a group that has previously been referred to as CozyBear. Multiple cybersecurity organisations claim this group is linked to Russia’s intelligence service.

The gang has also been linked to a recent attack on remote access giant TeamViewer. The company said it is dealing with a cyberattack on its corporate network and attributed this activity to Midnight Blizzard.

“Based on current findings of the investigation, the attack was contained within the corporate IT environment and there is no evidence that the threat actor gained access to our product environment or customer data,” TeamViewer said.

Microsoft has been facing strong scrutiny over recent cybersecurity breaches, such as the Midnight Blizzard hack and the massive breach of US government emails last year that was attributed to a China-linked hacking group.

A report from the US Cyber Safety Review Board in April criticised Microsoft’s security measures, called the massive email leak “preventable” and attributed the breach to a “cascade” of avoidable errors on Microsoft’s part.

As a result of these attacks, Microsoft president Brad Smith had to speak about the company’s security practices to US lawmakers earlier this month.


Leigh Mc Gowran is a journalist with Silicon Republic
