Discover Top American-Made Products!
Support local craftsmanship with these high-quality, American-made items—shop now on Amazon!
Shop NowIf you’re with one of the companies burned by a data breach at Microsoft, you won’t be happy to learn that emails you exchanged with the computer revolution pioneer “were hacked.” They think it was done by a Russian group “as part of a previously reported, state-sponsored breach that had already ensnared U.S. government agencies.” In January, they revealed “Midnight Blizzard” had “stolen senior leaders’ emails and were trying to use them to break into customers’ communications, including those of government agencies.” They’re “part of the Russian Foreign Intelligence Service.”
Microsoft hit hard
Hackers didn’t just “try” to steal emails from senior Microsoft leaders, they did steal them.
While they admitted some of what happened back in January, the tech giant has a fresh update for their affected customers.
According to the new bulletin, a more extensive list of Microsoft customers are being formally notified they were compromised. “Some of these clients had already known they were affected by the breach. Others were hearing it for the first time.”
Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack – https://t.co/UPqIOfisyv
— SecurityWeek (@SecurityWeek) June 29, 2024
The C-suite blames the delay on the time it took to “assess the damage.” That tells experts it was worse than everyone thought.
Because it took so long for Microsoft to identify all the affected accounts, IT experts say that’s “a sign that the hack has had broader repercussions than initially thought.”
The company isn’t saying who got hit. They’re telling their customers personally and if they want to reveal they were hacked, that’s their business.
Latest in a series
Another thing the experts are pointing out is that this is only the most recent security setback for Microsoft. They’ve “drawn strong condemnation by the U.S. government.” In April, “issued a scathing report” that accused the leadership team in Redmond of having an “inadequate” security culture.
The Midnight Blizzard attack, the report snarls, is “evidence that the company hadn’t yet fixed the problem.” If they don’t know how, they better figure it out, quick.
According to a company spokesperson, “this week we are continuing notifications to customers who corresponded with Microsoft corporate email accounts that were exfiltrated by the Midnight Blizzard threat actor.” Some say that’s “Cozy Bear” under a new handle.
And there it is 🫤
TeamViewer have updated their statement that they currently attribute their incident to Russian SVR 🇷🇺 linked adversaries (aka APT29, Midnight Blizzard, COZY BEAR)https://t.co/XlpGpdpXBx pic.twitter.com/HitRkb3s2t
— Will (@BushidoToken) June 28, 2024
Adding a challenge to the cleanup effort, the email sent through official corporate channels with mitigation instructions has all the customers scared it could be a phishing scam.
“You are receiving this notification because emails were exchanged between Microsoft and accounts in your organization, and those emails were accessed by the threat actor Midnight Blizzard as part of their cyberattack on Microsoft,” the notice relates.
Everyone turned to Reddit for guidance “on whether the message was a phishing attempt.” They didn’t even think about asking the company. Nobody can get any answers from their customer service department about anything.
