Microsoft shared on January 19 that a cyber-attack impacted its corporate systems. The breach happened on January 12, and the group responsible has been identified as Midnight Blizzard. No customer data was accessed as part of the attack, and it was focused on breaching select internal email accounts.
According to Microsoft, this attack started as far back as November 2023. The group Midnight Blizzard, also known as Nobelium, used password spray technology to get into a test tenant account, and then use the permission from that account to get into Microsoft corporate email accounts. That included emails from those on Microsoft’s senior leadership team, and those working in the cybersecurity, and legal teams.
The attackers were specifically targeting and going after emails and attachments about their group itself, and Microsoft is notifying employees who might have had their email accessed by the group. No customer data, production systems, source code, or AI systems were accessed.
You might remember Nobelium for its cyberattacks on SolarWinds in 2019.
