Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Microsoft Hit by Email Theft

January 22, 2024
Reading Time: 3 mins read
in Incidents

Microsoft revealed that it fell victim to a nation-state attack on its corporate systems, resulting in the theft of emails and attachments from senior executives and individuals in cybersecurity and legal departments. The attack, attributed to the Russian APT group Midnight Blizzard (formerly Nobelium), employed a password spray attack to compromise a non-production test tenant account. The breach, detected on January 12, 2024, prompted immediate steps to investigate, disrupt, and mitigate the malicious activity. The campaign is estimated to have begun in late November 2023.

The threat actors, known for the high-profile SolarWinds supply chain compromise, accessed a small percentage of Microsoft corporate email accounts, including those of senior leadership and employees in cybersecurity and legal functions. Microsoft clarified that the attack was not the result of any security vulnerability in its products, and there is no evidence that the adversary accessed customer environments, production systems, source code, or AI systems. While the exact number of infiltrated email accounts and accessed information remain undisclosed, Microsoft is in the process of notifying impacted employees. The Microsoft Security Response Center emphasized the continued risk posed by well-resourced nation-state threat actors like Midnight Blizzard.

Midnight Blizzard, also identified as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes, previously targeted Microsoft twice, first in December 2020 to siphon source code related to Azure, Intune, and Exchange components, and later breaching three customers in June 2021 via password spraying and brute-force attacks. The company underscored the importance of vigilance against such threat actors. The disclosed incident highlights the persistent challenges organizations face from advanced nation-state cyber threats and emphasizes the need for robust cybersecurity measures to safeguard sensitive information and corporate systems.

Reference:
  • Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
Tags: APT29BlueBravoCloaked UrsaCozy BearCyber Incidents 2024cyber-incidentCyberattacksData BreachJanuary 2024MicrosoftMidnight BlizzardThe Dukes
ADVERTISEMENT

Related Posts

Resupply DeFi Protocol Hacked For $9.6M

Resupply DeFi Protocol Hacked For $9.6M

June 26, 2025
Resupply DeFi Protocol Hacked For $9.6M

UK’s Glasgow City Council Hit By Cyberattack

June 26, 2025
Resupply DeFi Protocol Hacked For $9.6M

Cyberattack Hits South Tyrol Emergency Ops

June 26, 2025
Porto Nacional City Hall Hit by Ransomware

Columbia University Probes Major IT Outage

June 25, 2025
Hackers Leak Saudi Games Athlete Data

Mainline Health Breach Hits 101,000 Patients

June 25, 2025
Porto Nacional City Hall Hit by Ransomware

Porto Nacional City Hall Hit by Ransomware

June 25, 2025

Latest Alerts

Fake Job Offers Hide North Korean Malware

New Malware Uses Prompts To Trick AI Tools

New Zero Day Flaw Hits Citrix NetScaler

Hackers Abuse Trezor Support For Phishing

FileFix Attack Turns Explorer Into Weapon

OneClik Malware Attacks Energy Sector Firms

Subscribe to our newsletter

    Latest Incidents

    Resupply DeFi Protocol Hacked For $9.6M

    Cyberattack Hits South Tyrol Emergency Ops

    UK’s Glasgow City Council Hit By Cyberattack

    Columbia University Probes Major IT Outage

    Mainline Health Breach Hits 101,000 Patients

    Porto Nacional City Hall Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial