Microsoft Hit by Email Theft

January 22, 2024

Microsoft revealed that it fell victim to a nation-state attack on its corporate systems, resulting in the theft of emails and attachments from senior executives and individuals in cybersecurity and legal departments. The attack, attributed to the Russian APT group Midnight Blizzard (formerly Nobelium), employed a password spray attack to compromise a non-production test tenant account. The breach, detected on January 12, 2024, prompted immediate steps to investigate, disrupt, and mitigate the malicious activity. The campaign is estimated to have begun in late November 2023.

The threat actors, known for the high-profile SolarWinds supply chain compromise, accessed a small percentage of Microsoft corporate email accounts, including those of senior leadership and employees in cybersecurity and legal functions. Microsoft clarified that the attack was not the result of any security vulnerability in its products, and there is no evidence that the adversary accessed customer environments, production systems, source code, or AI systems. While the exact number of infiltrated email accounts and accessed information remain undisclosed, Microsoft is in the process of notifying impacted employees. The Microsoft Security Response Center emphasized the continued risk posed by well-resourced nation-state threat actors like Midnight Blizzard.

Midnight Blizzard, also identified as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes, had previously targeted Microsoft twice: first in December 2020, when it siphoned source code related to Azure, Intune, and Exchange components, and again in June 2021, when it breached three customers via password spraying and brute-force attacks. The company underscored the importance of vigilance against such threat actors. The disclosed incident highlights the persistent challenges organizations face from advanced nation-state cyber threats and emphasizes the need for robust cybersecurity measures to safeguard sensitive information and corporate systems.

Reference:
  • Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard