Microsoft says Russian state-sponsored actor hacked its systems
San Jose, California - Hackers with links to the Russian government have gained access to the emails of some of Microsoft's senior leaders, the US software giant said on Friday.
The attack began in late November and was discovered on January 12, Microsoft said in a Friday statement. The hackers had also downloaded some documents attached to the emails.
The company did not provide any information on which senior members were affected.
Corporate email accounts of members of Microsoft's cybersecurity and legal teams were also accessed, the company added.
"Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium," the company said.
It remained unclear how many employee accounts were affected in total. Microsoft emphasized that it was "a very small percentage."
As of June 30, the company had around 221,000 employees.
Microsoft said that the hackers gained "a foothold" by using a "password spray attack to compromise a legacy non-production test tenant account," adding that the attack was not the result of vulnerabilities in its products or services.
"To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems," the company said.
Microsoft said that the hackers appeared to initially be targeting accounts for information related to Midnight Blizzard itself, but the company has not provided any information on whether the focus of the attackers had subsequently changed once inside the system.
Cover photo: SAUL LOEB / AFP