Microsoft Reports Email Breach By Russian Group Midnight Blizzard

Russian hacking group Midnight Blizzard infiltrates Microsoft's senior leaders' emails, highlighting cybersecurity risks.

How did Midnight Blizzard hack Microsoft's emails?

Microsoft has disclosed a security breach in which a notorious Russian hacking group, Midnight Blizzard, infiltrated the email accounts of some senior leaders. The breach, detected on January 12, was contained by January 13.

Infiltration Of Senior Leadership's Email Accounts

Midnight Blizzard, also known as Nobelium, accessed a "very small percentage" of Microsoft employee emails in November, including those of top executives. Microsoft emphasized that the breach was not due to vulnerabilities in its products or services but was a targeted attack by the group.

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center

Background Of Midnight Blizzard's Cyber Activities

Midnight Blizzard has been linked to significant cyber attacks in 2020, including the SolarWinds software hijacking that affected the US Treasury, Commerce departments, the Pentagon, and several Fortune 500 companies. The US has associated Midnight Blizzard with Russia’s foreign intelligence service. Microsoft had previously warned users in August about phishing attempts from this group mimicking Microsoft Teams chats.

Analysis And Response To The Security Breach

The hackers employed a password spray attack (a variation of a brute-force attack) to access a legacy account, which was then used to breach other accounts. Microsoft is currently assessing the impact and the extent of information accessed. The company is collaborating with law enforcement, and there is no evidence so far of customer accounts or AI systems being compromised. This incident has prompted Microsoft to accelerate efforts to balance security with business risk, recognizing the challenges posed by state-funded threat actors.

Microsoft's Urgent Call For Enhanced Security Measures

This latest attack by Midnight Blizzard has underscored the need for Microsoft to hasten its security enhancements. The company is reevaluating its approach to security in light of sophisticated, state-supported hacking groups, signaling a shift in its strategy to better protect against such threats.

