Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets
The Hacker News
Contributed by: Drex DeFord
Summary
In January 2024, Microsoft disclosed a significant security breach by the Kremlin-backed cyber espionage group Midnight Blizzard (also known as APT29 or Cozy Bear), which resulted in unauthorized access to some of Microsoft's source code repositories and internal systems. The attack began with a password spray that compromised a legacy, non-production test account lacking multi-factor authentication (MFA), and it revealed the sophistication and resources committed by the threat actor. Despite the breach, Microsoft affirmed that its customer-facing systems remained uncompromised and has since contacted affected customers. The company has announced an increase in its security investments to counter the intensified tactics of Midnight Blizzard, which uses exfiltrated information to gain further unauthorized access, marking an escalation in global cybersecurity threats.