Microsoft said on Friday that a Russian state-sponsored group hacked into its corporate systems on Jan. 12 and stole some emails and documents from its staffs’ accounts.
A Russian hacking group known in the cybersecurity industry as Nobelium, or Midnight Blizzard, used a “password spray attack” starting in Nov. 2023 to breach a Microsoft platform, the company said in a blog. Hackers use this technique to infiltrate a company’s systems by using the same password across multiple accounts.
The Russian group was able to access “a very small percentage” of Microsoft corporate email accounts, including members of its senior leadership team and employees in its cybersecurity, legal, and other functions, said Microsoft.
Microsoft’s threat research team routinely investigates nation-state hackers such as Midnight Blizzard, and the company said its probe into the latest breach indicated the hackers were initially targeting email accounts that had information about Midnight Blizzard.
The Russian Embassy in Washington and Ministry of Foreign Affairs did not immediately respond to a request for comment.
Microsoft said it investigated the incident and disrupted the malicious activity, blocking the threat actor’s access to its systems.
