Security News > 2024 > January > Russian hackers stole Microsoft corporate emails in month-long breach

Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard.
Nobelium is a Russian state-sponsored actor believed to be behind the 2020 SolarWinds supply chain attack, which also impacted Microsoft.
Microsoft later confirmed that the SolarWinds attack allowed the hackers to steal source code for a limited number of Azure, Intune, and Exchange components.
In June 2021, the hacking group breached a Microsoft corporate account again, allowing them to access customer support tools.
News URL
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- HPE notifies employees of data breach after Russian Office 365 hack (source)
- Russian military hackers deploy malicious Windows activators in Ukraine (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Orange Group confirms breach after hacker leaks company documents (source)
- Suspected Iranian Hackers Used Compromised Indian Firm's Email to Target U.A.E. Aviation Sector (source)