Kremlin-linked hackers gained access to Microsoftʼs e-mail system and were able to steal the correspondence of some US government agencies with Microsoft.
This was reported by the US Cyber Security and Infrastructure Security Agency (CISA) on April 11.
Although the hack itself has been known since January, the CISA announcement is the first confirmation that US federal agenciesʼ emails from Microsoft were stolen.
According to the agency, the Midnight Blizzard hackers used account login details that were sent by mail to get into the systems of Microsoft customers, including government agencies.
At the same time, CISA did not specify the correspondence with which government structures they were able to steal.
- Microsoft has been repeatedly attacked by Midnight Blizzard. The corporation claimed that this group was responsible for more than 22,800 cyber attacks against technology companies. It is also involved in large-scale attacks on US government institutions in 2020, which were carried out through the software of the SolarWinds company. Midnight Blizzard was also accused of hacking the Outlook mail client.
- In January 2024, Microsoft announced a new hacker attack by Midnight Blizzard. Traces of the attack were discovered on January 12, and it took place in November last year.
- In March, Microsoft blamed Midnight Blizzard for another attack.