About this subject According to Ukrinform’s report in Microsoft’s statement.

We are talking about an attack on the company’s corporate networks on January 12, 2024. Microsoft claims that hackers belonging to the Russian state organization Midnight Blizzard, also known as Nobelium, are behind this incident.

Hackers used a “password spraying attack” to breach Microsoft starting in November 2023, according to the company. They used the same compromised password for multiple relevant accounts to infiltrate the company’s systems. In this way, Russian attackers gained access to a “very small percentage” of Microsoft’s corporate email inboxes, including members of senior management and employees involved in cybersecurity, legal and other functions, the company added.

Microsoft said the attack was not the result of a specific vulnerability in its products or services. The company investigated the incident and stopped the malicious activity by blocking the group’s access to its systems.

“This attack highlights the ongoing risk to entire organizations from well-resourced groups like Midnight Blizzard,” Microsoft said.

According to information Reuters, Midnight Blizzard, also known as APT29, Nobelium or Cozy Bear, is affiliated with the Russian spy agency SVR. The group is best known for interfering with the US Democratic National Committee during the 2016 election.

Microsoft products are widely used by the US government. Last year, the company came under criticism for its cybersecurity after Chinese hackers stole emails belonging to senior US State Department officials.

As Ukrinform reported, Hackers linked to the Russian Federation and China have hacked Sellafield, Britain’s most dangerous nuclear facility.

Photo: Jeenah Moon/Bloomberg via Getty Images