Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Microsoft Hit by Email Theft

January 22, 2024
Reading Time: 3 mins read
in Incidents

Microsoft revealed that it fell victim to a nation-state attack on its corporate systems, resulting in the theft of emails and attachments from senior executives and individuals in cybersecurity and legal departments. The attack, attributed to the Russian APT group Midnight Blizzard (formerly Nobelium), employed a password spray attack to compromise a non-production test tenant account. The breach, detected on January 12, 2024, prompted immediate steps to investigate, disrupt, and mitigate the malicious activity. The campaign is estimated to have begun in late November 2023.

The threat actors, known for the high-profile SolarWinds supply chain compromise, accessed a small percentage of Microsoft corporate email accounts, including those of senior leadership and employees in cybersecurity and legal functions. Microsoft clarified that the attack was not the result of any security vulnerability in its products, and there is no evidence that the adversary accessed customer environments, production systems, source code, or AI systems. While the exact number of infiltrated email accounts and accessed information remain undisclosed, Microsoft is in the process of notifying impacted employees. The Microsoft Security Response Center emphasized the continued risk posed by well-resourced nation-state threat actors like Midnight Blizzard.

Midnight Blizzard, also identified as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes, previously targeted Microsoft twice, first in December 2020 to siphon source code related to Azure, Intune, and Exchange components, and later breaching three customers in June 2021 via password spraying and brute-force attacks. The company underscored the importance of vigilance against such threat actors. The disclosed incident highlights the persistent challenges organizations face from advanced nation-state cyber threats and emphasizes the need for robust cybersecurity measures to safeguard sensitive information and corporate systems.

Reference:
  • Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
Tags: APT29BlueBravoCloaked UrsaCozy BearCyber Incidents 2024cyber-incidentCyberattacksData BreachJanuary 2024MicrosoftMidnight BlizzardThe Dukes
ADVERTISEMENT

Related Posts

Arla Foods Dairy Plant Production Halted By A Disruptive Cyberattack

Arla Plant Cyberattack Halts Operations

May 19, 2025
Massive DDoS Attack Cripples Poland's Civic Platform And Public Entities

Massive DDoS Hits Poland’s Civic Platform

May 19, 2025
Georgia’s Harbin Clinic Hit by Data Breach

Georgia’s Harbin Clinic Hit by Data Breach

May 19, 2025
Coinbase Insider Attack Exposed User Data

Coinbase Insider Attack Exposed User Data

May 16, 2025
Coinbase Insider Attack Exposed User Data

Hackers Target Swiss Reserve Power Plant

May 16, 2025
Coinbase Insider Attack Exposed User Data

Cyberattack Hits J Batista Group

May 16, 2025

Latest Alerts

Mozilla Urgent Firefox Patch Fixes RCE Flaws

ModiLoader Malware Targets Windows Users

Glibc Flaw Gives Linux Root Access Risk

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Subscribe to our newsletter

    Latest Incidents

    Massive DDoS Hits Poland’s Civic Platform

    Arla Plant Cyberattack Halts Operations

    Georgia’s Harbin Clinic Hit by Data Breach

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial