Microsoft has confirmed it’s been hacked by what it says is a state-sponsored Russian group known as Midnight Blizzard. On top of that, the group has gained access to various internal systems and company source code.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access,” Microsoft said. “This has included access to some of the company’s source code repositories and internal systems.”
As far as any “Microsoft-hosted customer-facing systems”, Microsoft says that it hasn’t found any evidence of the hackers gaining access to that information. That said, the group did get access to some customer details through emails accessed.
“It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found,” the company said. “Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures.”
The attack on Microsoft was first announced back in January. Since then, Microsoft says it has, and will continue, to improve its “security investments” to make sure information is protected. Microsoft also added that the investigation into the Russian hackers isn’t done, and more details will come as it’s found.
“Our active investigations of Midnight Blizzard activities are ongoing, and findings of our investigations will continue to evolve,” they said. “We remain committed to sharing what we learn.”
What do you think about Microsoft confirming who the Russian hacker group is that’s gained access to internal information? For more Insider Gaming, read about Helldivers 2 players finding Mechs already in the game.
