Microsoft has reported a cybersecurity incident whereby the company was targeted by the group known as Midnight Blizzard or Nobelium using password spray attacks. The attackers were successful in accessing the data of the cybersecurity employees, senior staff, and certain legal departments. It appears that the perpetrators were seeking information regarding what Microsoft knows about the Midnight Blizzard group.
Typically, companies that enforce two-step logins are not susceptible to password spray attacks. However, in this case, Microsoft had a separate test tenant, which the malicious actors were able to take hold of. They then utilized the privileges within that tenant to gain access to employee emails.
In response to this incident, Microsoft has stated its commitment to implementing the same level of security measures across all systems, whether they are legacy or internal systems. Moving forward, they will prioritize this standard to a degree that allows for some impact on business operations.
TLDR: Microsoft experienced a cybersecurity breach by the group Midnight Blizzard, resulting in the compromise of employee data. Despite having two-step logins in place, the attackers exploited a separate test tenant to gain access to employee email accounts. Microsoft is now focused on implementing a standardized security approach throughout their systems.
Leave a Comment