Hackers who attacked Microsoft also hacked other organizations – the corporation made a statement
Microsoft has begun warning organizations that they have been targeted by the same Russian-sponsored hacker group that hacked into its executives’ emails in late 2023.
The group, known as Midnight Blizzard or Cozy Bear, was identified by Microsoft’s threat team as an entity that has attacked other organizations. This is stated in a statement by the corporation.
“The hackers – a group known as Midnight Blizzard or Cozy Bear – were identified by Microsoft’s threat intelligence team as the same entity that ‘targeted other organizations… As part of our normal notification processes, we have begun to notify these targeted organizations,'” the corporation said.
“The disclosure of this information indicates that the group’s activities extend beyond Microsoft,” Microsoft said in a statement.“Using the information gained during Microsoft’s investigation into Midnight Blizzard, Microsoft Threat Intelligence has determined that the same attacker has attacked other organizations, and as part of our normal notification processes, we have begun to notify those targeted organizations. It is important to note that this investigation is still ongoing and we will continue to provide details as appropriate,” Microsoft said.
Hewlett Packard Enterprise also reported a hack of its cloud-based email system, which was probably caused by Midnight Blizzard. The US government links this group to Russia. The same group previously used SolarWinds for cyber espionage against several federal agencies. Microsoft reported that the group gained access to email accounts due to the lack of two-factor authentication on the accounts.
As reported earlier, on January 19, 2024, Microsoft’s security team announced that it had detected an attack by Russian hackers on its corporate systems.
The attack took place on January 12. The corporation identified the attackers as Midnight Blizzar, a Russian-backed group also known as Nobelium.
The group used a password spoofing method and gained access to Microsoft corporate email accounts, including accounts of members of senior management and employees of cybersecurity, legal, and other departments.
