Hackers retrieve source code for Microsoft

Microsoft has officially acknowledged a breach in its internal networks by Russian hackers, codenamed Midnight Blizzard or Cozy Bear, also known as APT29. These hackers managed to infiltrate the company’s systems and pilfered source code from the emails of high-ranking executives. This revelation came to light through Microsoft’s recent submission to the US Securities and Exchange Commission, categorizing the cyberattack as “active” and announcing a security upgrade in response.

Initially disclosed in January, Microsoft revealed that Midnight Blizzard had gained access to a limited number of company email accounts, focusing on communications within the legal department, cybersecurity, and leadership. At that time, Microsoft assured that critical assets such as source code, AI technology, production systems, and customer data remained uncompromised. However, recent developments suggest a shift in the situation, as evidence surfaced indicating Midnight Blizzard’s attempts to illegally access Microsoft’s source code repositories and other internal systems.

Although Microsoft claims that customer-serving systems remain intact, the attackers have been leveraging leaked information, including private correspondence between Microsoft and its clients. Consequently, Microsoft has initiated contact with affected clients to provide mitigation measures.

This incident underscores the persistent nature of the hackers’ attempts to breach additional Microsoft accounts. The breach began with a password spray attack in November, exploiting the absence of multi-factor authentication. Notably, February witnessed a significant uptick in attack attempts.

Despite the security flaw, Microsoft’s most recent financial statements indicate no immediate operational or financial repercussions. However, the company remains vigilant in addressing the breach and fortifying its defenses against future cyber threats.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Sign Up for CXO Digital Pulse Newsletters

Sign Up for CXO Digital Pulse Newsletters to Download the Research Report

Sign Up for CXO Digital Pulse Newsletters to Download the Coffee Table Book

Sign Up for CXO Digital Pulse Newsletters to Download the Vision 2023 Research Report

Download 8 Key Insights for Manufacturing for 2023 Report

Sign Up for CISO Handbook 2023

Download India’s Cybersecurity Outlook 2023 Report