Microsoft Executive Emails Hacked by Elite Russian Hacking Group

By Jace Dela Cruz

Jan 20, 2024 12:20 AM EST

Microsoft disclosed in a regulatory filing on Friday that the Russian intelligence group Nobelium, known for hacking government supplier SolarWinds in 2020, accessed the email accounts of some of the software maker's top executives. 

According to CNBC, this is not the first time Russian hackers have infiltrated Microsoft's networks. State-sponsored attacks, particularly during periods of armed conflict, pose an increased risk of sensitive data exposure. With Russia engaged in a prolonged war against Ukraine, such cyber threats persist. 

(Photo : FABRICE COFFRINI/AFP via Getty Images)
This photograph taken on January 19, 2024 shows a sign of American corporation Microsoft displayed during the World Economic Forum (WEF) annual meeting in Davos.

Russian Intelligence Group Hacked Microsoft Executive Emails 

The revelation of the breach coincides with new US regulations on disclosing cybersecurity incidents. Microsoft, in adherence to the rules, promptly informed the public.

A Microsoft spokesperson noted that although the company does not believe the attack had a material impact, it still wanted to follow the rules. 

The Cybersecurity and Infrastructure Security Agency (CISA) is now coordinating with the company to gain additional insights into this hacking incident and protect other potential victims. 

CISA executive assistant director for cybersecurity Eric Goldstein told CNBC that they were not aware of impacts on Microsoft customer environments or products at this time. 

According to Microsoft's Security Response Center, the breach occurred in late November, with Nobelium gaining access to a non-production test tenant account.

After gaining access, the group utilized the account's permissions to infiltrate a small percentage of Microsoft corporate email accounts, including those of senior leadership, cybersecurity, legal, and other departments, and stole some emails and attached documents. 

However, Microsoft assured it had not found evidence of Nobelium accessing customer data, production systems, or proprietary source code.

"We were able to remove the threat actor's access to the email accounts on or about January 13, 2024. We are examining the information accessed to determine the impact of the incident. We also continue to investigate the extent of the incident," Microsoft said in the regulatory filing.

READ ALSO: Microsoft Launches Copilot AI Assistant for Small Businesses and Consumers

The Russian Intelligence Group Nobelium

Nobelium, categorized by the US government and Microsoft as part of the Russian foreign intelligence service SVR, was also responsible for the 2020 broad-based SolarWinds hack.

According to CNBC, the hacking group inserted malicious code into updates for SolarWinds' Orion software at the time, affecting various US government agencies and even Microsoft. It is reportedly one of the most prolific breaches in US history.

READ MORE: Microsoft Surpasses Apple as World's Most Valuable Public Company

© 2024 VCPOST, All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics