Microsoft Email Accounts Breached By Russian Hacking Group, Some Corporate Emails Stolen

Microsoft disclosed that some of its corporate email accounts were breached and data stolen by a Russian state-sponsored hacking group called Midnight Blizzard, also known as Nobelium or APT29. The attack, detected on January 12th, was traced back to a password spray attack in November 2023 on a legacy non-production test tenant account, indicating a lack of two-factor authentication (2FA) or multi-factor authentication (MFA). Despite the test account having limited permissions, the hackers used it to access a "small percentage" of Microsoft's corporate email accounts for over a month. Microsoft asserts that the breach resulted from a brute force password attack rather than a vulnerability in its products and services. Read more...