Techly NewsGet the app

Get the latest tech news

Microsoft confirms customer emails were accessed during Midnight Blizzard breach


Microsoft has begun notifying certain customers that there emails were accessed by threat actors in a breach

The attack, leveraged by Russian state-affiliated hacking group Midnight Blizzard, also known as Nobelium, began in November 2023, reportedly using a password spraying technique to compromise a legacy account. In March 2024, Microsoft updated customers that it had observed evidence of the threat actors using the information exfiltrated during the initial breach to attempt to gain further unauthorized access to its environments, including some of the firm’s source code repositories and internal systems. Earlier this year, a report from the Cyber Safety Review Board heavily criticized Microsoft’s conduct in response to the Summer 2023 Exchange Intrusion, which saw state-backed Chinese threat actors gain access to the mailboxes of over 500 individuals at 22 different organizations.

Get the Android app

Or read this on r/technology

Read more on:

Photo of Microsoft

Microsoft

Photo of midnight blizzard

midnight blizzard

Photo of customer emails

customer emails

Related news:

News photo

The Center for Investigative Reporting is suing OpenAI and Microsoft

News photo

Microsoft informs customers that Russian hackers spied on emails

News photo

Microsoft has gone too far: including a Game Pass ad in the Settings app ushers in a whole new age of ridiculous over-advertising

« FCC chair asks telecoms companies to prove they're actually trying to stop political AI robocalls
EU Asked Temu, Shein to Show Compliance With Services Act »