By Dean Seal


Microsoft disclosed Friday that it was targeted by a Russian state-sponsored hacking group that stole information from its senior leadership team and other employees.

The tech giant detected last week that the threat actor, which it has identified as the group Midnight Blizzard, had extracted information from a small percentage of employee email accounts. Based on a preliminary analysis, those accounts included members of its senior leadership team and employees in its cybersecurity and legal teams.

In a blog post, Microsoft said the group used a password spray attackthat compromised one legacy non-production test tenant account, then used the account's permissions to gain access to the Microsoft corporate email accounts starting in late November.

The hackers initially targeted accounts related to Midnight Blizzard itself, the company said. The owners of the affected accounts are being notified.

Microsoft was able to remove the intruder's access to the email accounts on Jan. 13 and is still assessing the impact of the incident. The company is also investigating the extent of the incident and working with law enforcement.

The company said it hasn't determined whether the incident is likely to affect its financial condition or the results of its operations, but that there hasn't been a material impact on operations so far.

The intrusion wasn't the result of a vulnerability in Microsoft products or services, and there is no evidence that the intruders had any access to customer environments, production systems, source code, or AI systems, the company said.


Write to Dean Seal at


(END) Dow Jones Newswires

January 19, 2024 17:27 ET (22:27 GMT)

Copyright (c) 2024 Dow Jones & Company, Inc.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Mar 2024 to Apr 2024 Click Here for more Microsoft Charts.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Apr 2023 to Apr 2024 Click Here for more Microsoft Charts.