Microsoft said Friday that a Russian state-sponsored group hacked into its corporate systems on January 12 and stole some emails and documents from its staffs’ accounts.
A Russian hacking group known in the cybersecurity industry as Nobelium, or Midnight Blizzard, used a “password spray attack” starting in November 2023 to breach a Microsoft platform, the company said in a blog. Hackers use this technique to infiltrate a company’s systems by using the same password across multiple accounts.
The Russian group was able to access “a very small percentage” of Microsoft corporate email accounts, including members of its senior leadership team and employees in its cybersecurity, legal, and other functions, said Microsoft.
READ: Microsoft says Russian hackers targeting U.S. campaigns
Microsoft’s threat research team routinely investigates nation-state hackers such as Midnight Blizzard, and the company said its probe into the latest breach indicated the hackers were initially targeting email accounts that had information about Midnight Blizzard.
READ: Microsoft warns thousands of cloud customers of exposed databases
The Russian Embassy in Washington and Ministry of Foreign Affairs did not immediately respond to a request for comment.
Microsoft said it investigated the incident and disrupted the malicious activity, blocking the threat actor’s access to its systems.