Priya PatelTLDR:
- Russian hackers gained access to some of Microsoft’s internal systems and source code repositories in a January attack.
- Midnight Blizzard group, also known as APT29, targeted Microsoft for source code theft, leveraging customer email secrets for attacks.
An update from Microsoft revealed that Russian hackers accessed “some” of the company’s internal systems and source code repositories during a January attack. While there is still no evidence of compromise in customer-facing systems, confidential emails exchanged between Microsoft and external parties were exposed. The hackers leveraged these secrets to increase password spray attempts significantly. Originally thought to have only breached internal email systems, it was later discovered that the Russian hackers had greater access to internal information, including source code.
The Midnight Blizzard group, previously known as APT29, has a history of targeting major IT service providers like Microsoft. They have a direct connection to Russia’s foreign intelligence service and have shown a keen interest in breaching rival governments and think tanks. The breach raises questions about Microsoft’s security practices, especially in light of a similar incident involving Chinese state-backed hackers. Experts believe that stronger authentication methods and ongoing monitoring are crucial in preventing and mitigating source code theft incidents.
