Microsoft says Russian hackers accessed executives' emails

January 20, 2024

The hacker group believed to be responsible for the breach was previously linked to Russia's foreign intelligence agency. Microsoft confirmed that the hackers did not access any customer accounts.

The company said the hacker group was apparently interested in the information about itself. Image: Andre M. Chang/ZUMA Wire/picture alliance

A Russian hacking group gained access to Microsoft's corporate email system and accessed the accounts of senior executives, the company said Friday evening.

Microsoft believes the Russian state-sponsored group Midnight Blizzard, also known as Nobelium, was responsible for the hack.

"To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required," Microsoft Security Response Center said in a blog post on Friday.

Hackers gained foothold in one account

The attack began in November last year, with the hackers bombarding a particular "legacy" (likely outdated) account with possible passwords.

They used the account's permissions to "access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions."

The company said that hackers could view and download some emails and attached documents.

Microsoft's security team detected the latest attack on January 12, triggering defenses that blocked further access by the hackers.

Midnight Blizzard known 'cyber actor'

Microsoft says the hackers seemed to seek information about Midnight Blizzard itself.

The US National Intelligence Agency considers Midnight Blizzard a "cyber" actor of the Russian Foreign Intelligence Service.

The group was behind the so-called SolarWinds breach in 2020, a massive hack of US government agencies and corporations.

lo/dj (AP, AFP)