A group of Russian hackers that broke into Microsoft‘s systems to spy on staff emails also stole emails from customers, Microsoft said on Thursday (27 June).
Microsoft provided its affected customers with updates regarding the Russian cyberattack that initially occurred in late November 2023.
Earlier this year, Microsoft revealed that the notorious Russian hacking group known as NOBELIUM, or Midnight Blizzard, had accessed its employees’ email correspondence.
However, the hacking group also infiltrated private email correspondence of Microsoft’s customers.
A Microsoft spokesperson told Verdict that the company were continuing notifications to customers “who corresponded with Microsoft corporate email accounts that were exfiltrated by the Midnight Blizzard threat actor”.
“We are providing the customers the email correspondence that was accessed by this actor,” the spokesperson said. “This is increased detail for customers who have already been notified and also includes new notifications.”
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalData“As we said previously, we’re committed to sharing information with our customers as our investigation continues,” the spokesperson added.
In April, the US cybersecurity watchdog said Russian hackers had used Microsoft’s email system to steal communication between the company and government officials.
The US Cybersecurity and Infrastructure Security Agency said that hackers were breaking into Microsoft’s customer systems by exploiting authentication details shared by email.
According to the watchdog, an unspecified number of government agencies had their correspondence compromised by the hackers.
The announcement followed Microsoft stating that it was working to combat the Russian hackers and their mission.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorised access,” Microsoft said at the time.
In 2020, the same hacking group breached US agency emails, which went undetected for months. The group reportedly gained access to unclassified email correspondence from US intelligence agencies.
The cybersecurity market is forecasted to be worth $334.66bn by 2026, according to GlobalData’s Cybersecurity Market Report.