Microsoft says Russian state-backed hackers have accessed its source code and internal systems
Russian state-sponsored hackers have managed to access some of Microsoft’s source code repositories and internal systems, the US company said on Friday.
It has not found any evidence of Microsoft-hosted customer-facing systems being compromised, the Xbox maker added.
The company first announced in January that its security team had detected an attack on its corporate systems by a threat actor it identified as nation state-backed Midnight Blizzard
Microsoft said hackers had used a password spray attack last November to break into its email system and access a small number of corporate accounts.
As of Microsoft’s initial announcement, there was no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access,” the company said today.
“This has included access to some of the company’s source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised.
“It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found. Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures.”
Microsoft said Midnight Blizzard had ramped up some aspects of its attack, such as password sprays, by as much as 10-fold between January and February.
“It may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so. This reflects what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks.”
Microsoft said it has been increasing its security controls to defend itself against the ongoing threat and would continue to do so. It also said it would continue to provide further updates on the situation as it evolves.
#Microsoft #Russian #statebacked #hackers #accessed #source #code #internal #systems