Microsoft warns its customers that Russian hackers spied on emails
Russian hackers who broke into Microsoft systems and snooped on employee inboxes earlier this year also stole emails from its customers, the tech giant said Thursday, about six months after it first disclosed the breach.
The disclosure underscores the breadth of the breach as Microsoft faces increasing regulatory scrutiny over the security of its software and systems against foreign threats. A Chinese hacking group that separately breached Microsoft last year may have stolen thousands of US government emails.
The Russian government has never responded to the Microsoft hacking allegations, but Microsoft has said the hackers targeted cybersecurity researchers who were investigating the activities of a Russian hacking group. "This week, we will continue to provide notifications to customers who contacted Microsoft corporate email accounts that were compromised by the Midnight Blizzard threat actor," a Microsoft spokesperson said in an email to Bloomberg, which first reported the operation earlier in the day. . Microsoft said it also shared the compromised emails with customers, but did not say how many customers were affected or how many emails may have been stolen.
"This provides additional information for customers who have already received notices, as well as new notices," the spokesperson said. "As the investigation continues, we are committed to sharing information with our customers."
Back in January, the world's largest software provider announced that Midnight Blizzard had accessed a "small number" of its corporate email accounts. Four months later, hackers were said to still be trying to break in, alarming many security industry peers and customers who questioned why Microsoft's systems were still vulnerable.