Microsoft Discloses More Customer Emails Accessed by Russian Hacker Group Midnight Blizzard

Microsoft has revealed that a Kremlin-backed hacker group, Midnight Blizzard, gained access to more customer emails than originally disclosed in the January breach of the company’s internal systems. The tech giant is now in the process of informing additional customers that their emails were accessed by the Russian nation-state hacker group.

The spokesperson for Microsoft stated that they are providing increased detail to customers who have already been notified, as well as issuing new notifications. The company is committed to sharing information with customers as their investigation into the breach continues.

The breach, first disclosed in a January filing with the US Securities and Exchange Commission, revealed that the hackers had accessed emails from the company’s senior leadership team, cybersecurity, and legal department employees. The hackers had also attempted to contact Microsoft customers using the stolen credentials.

Further investigations by Microsoft found that its US government Azure clients were also being actively targeted by the hackers. The US Cybersecurity and Infrastructure Security Agency issued an emergency directive to federal agencies in April in response to the ongoing threat.

Midnight Blizzard, also known as Nobelium, APT29, or Cozy Bear, was responsible for the SolarWinds hack in 2020. The state-sponsored threat actors were also behind a phishing campaign targeting EU government agencies providing aid to Ukraine. Microsoft has not disclosed which corporate customers have been made vulnerable by the breach.