Urgent credential resets needed for agencies hit by Midnight Blizzard

1 min read


Immediate credential resets have been urged for federal agencies affected by the Midnight Blizzard attack. CISA has called for authentication credential resets for agencies with compromised Microsoft emails containing sensitive data. Updates on remediation activities are required by May 1.

  • CISA has urged federal agencies affected by the Midnight Blizzard attack to reset authentication credentials immediately.
  • Updates on remediation activities are required by May 1.

In response to the attack by Russian state-sponsored threat operation Midnight Blizzard, also known as APT29 and Cozy Bear, the Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive for immediate authentication credential resets across all federal agencies that had their emails with Microsoft containing sensitive data compromised. The directive, sent to agencies on April 2 and publicly issued on Thursday, requires all app credential reset activities to be completed by April 30. Agencies are also urged to provide updates regarding the progress of their remediation activities on April 8 and May 1.

No specific details regarding the number of agencies impacted by the email breach were disclosed, but CISA’s Eric Goldstein emphasized that there has been no indication of any agency or agency production environment compromise. Microsoft is currently conducting ongoing analysis to determine exfiltrated authentication credentials. This incident serves as a reminder of the importance of cybersecurity measures and the need for immediate action to prevent further compromise of sensitive data.

Previous Story

CISOs lose sleep over cyber concerns shared by Mandiant leaders

Next Story

Protecting our vital infrastructure: insights from those on the ground

Latest from News