Microsoft warned in August that Midnight Blizzard had made phishing attempts sent as Microsoft Teams chats. Photo / 123RF
Microsoft said on Friday that email accounts belonging to senior leaders were infiltrated by a notorious Russian hacking group that had access to the systems for weeks before being identified.
Midnight Blizzard, the Russian state-sponsored group also known as Nobelium, gained access to a “very small percentage” of Microsoft employee
email accounts in November, including some of its senior leaders, according to a Microsoft blog post on Friday.
The attack was detected on January 12, and Midnight Blizzard lost access to the accounts “on or about January 13″, Microsoft said. It said the attack was “not the result of a vulnerability in Microsoft products or services”.
Microsoft said the attacks underlined the risks posed by groups such as Midnight Blizzard, which was responsible for a high-profile spree of cyber attacks in 2020 that hijacked software from the software group SolarWinds in order to breach the US Treasury and Commerce departments, as well as the Pentagon and several Fortune 500 companies. The US later said the group was linked to Russia’s foreign intelligence service.
In August, Microsoft warned users that the same group was conducting phishing attempts that were sent as Microsoft Teams chats.
