Russian Hackers Breach Microsoft's Corporate Email System

Intrusion affected a small percentage of accounts including those of senior leadership; no evidence of customer data access, says Microsoft.

Russian state-sponsored hackers, known as Midnight Blizzard, breached Microsoft's corporate email system, affecting a small percentage of accounts including those of senior leadership and employees in cybersecurity and legal departments.
The intrusion, which began in late November 2023, was discovered on January 12, 2024, and the hackers' access was removed by January 13.
The hackers gained access through a 'legacy non-production test tenant account' using a brute-force attack technique called 'password spraying'.
Microsoft stated that the attack was not due to a vulnerability in its products or services, and there is no evidence that customer environments, production systems, source code, or AI systems were accessed.
Microsoft is implementing changes to its internal security standards and is working with law enforcement and regulators regarding the breach.