Cybercriminals seemed to be mostly looking for information about themselves.

On January 19, 2024, Microsoft announced its security teams had detected a State-sponsored attack against its computer systems on January 12, 2024. The cybercriminal group Midnight Blizzard, aka “Nobelium”, tied to Russian intelligence, is thought to have accessed the email accounts of Microsoft employees in November of 2023. Among the compromised emails are those of several members of management.

The cybercriminals managed to take over a supposedly inactive test account by trying many, very common, passwords. According to Microsoft, the authorizations granted by the account then allowed attackers to access “a very small percentage of Microsoft corporate email accounts,” including members of management, legal departments and cybersecurity.

Cybercriminals then searched for information on themselves. Midnight Blizzard has indeed been in Microsoft’s crosshairs for years, particularly since the group’s spectacular attack against SolarWinds in 2020.

Microsoft specifies that the attackers did not access “customer information, manufacturing systems, source code or artificial intelligence systems.” The company has updated its security standards, specifically its internal processes, in order to avoid this type of incident in the future.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.