June 28, 2024 at 02:04PM
Microsoft’s corporate infrastructure hack by the Russian government continues to have far-reaching impact as it’s revealed that customers’ emails were also stolen by the Midnight Blizzard hackers. The company is notifying affected customers and providing a secure portal for them to review the compromised emails. The hacking group seems to be using the stolen information for future attacks.
From the meeting notes, it is clear that the Russian government’s hack of Microsoft’s corporate infrastructure has had widespread implications. The breach, which led to a US government investigation and significant changes to Microsoft’s security practices, has now been revealed to have affected a larger base of the company’s customers.
Microsoft has informed customers that their emails were accessed by the threat actor Midnight Blizzard during the cyber-attack on the company. The company is proactively sharing the specifics of the exfiltrated emails through a secure portal to enable affected organizations to review them. Additionally, Microsoft is reaching out to customers who had their information compromised to assist them in taking mitigating measures.
Furthermore, it has been noted that the same threat actor, Midnight Blizzard/Nobelium, was responsible for the 2020 hacking of IT management solutions provider SolarWinds in a massive supply chain attack.
The breadth of the incident’s impact is still emerging, as surprised customers have been posting notifications of the hack on social media. This suggests that the breach had a broader impact on Microsoft’s customer base than previously realized.
It’s evident that Microsoft is working to address the fallout from the breach, taking steps to assist affected customers and further bolster its cybersecurity strategy in response to this and related incidents.