The Cybersecurity and Infrastructure Security Agency has revealed that Russian government-linked hackers have stolen emails between several U.S. federal agencies and Microsoft Corporation (NASDAQ:MSFT).
What Happened: The stolen correspondence was part of a prolonged hack that occurred earlier this year, according to an emergency directive issued by CISA on April 2 and made public on Thursday. This also marks the first official acknowledgment that federal agency emails with Microsoft were compromised, reported Politico.
The emergency directive instructed federal agencies to identify all compromised email correspondence and reset credentials for those accounts. It also revealed that the breach was carried out by the Russian hacking group Midnight Blizzard, which is linked to the Russian government.
Subscribe to the Benzinga Tech Trends newsletter to get all the latest tech developments delivered to your inbox.
Eric Goldstein, the executive assistant director for cybersecurity at CISA, described the breach as an “exigent threat” to the government. He did not disclose the number of agencies affected by the breach.
Microsoft stated on Thursday, “As we discover secrets in our exfiltrated email, we are working with our customers to help them investigate and mitigate. This includes working with CISA on an emergency directive to provide guidance to government agencies."
Why It Matters: In January earlier this year, it was revealed that the email accounts of top executives at Microsoft were hacked by a Russian Intelligence group. This was followed by a disclosure from Hewlett Packard Enterprise Co that its cloud-based email system was breached by a suspected nation-state actor.
The directive from CISA highlighted that Microsoft had informed all impacted agencies and was furnishing metadata for all compromised emails. "Using the information gained from Microsoft’s investigation into Midnight Blizzard, Microsoft Threat Intelligence has identified that the same actor has been targeting other organizations and, as part of our usual notification processes, we have begun notifying these targeted organizations," the tech giant said in a blog post in January.
In March, Microsoft revealed that Russian hackers had stolen some of its source code by spying on the company’s senior executives. The attack was described as “ongoing.” These repeated breaches have raised concerns about the security of Microsoft’s systems and the potential impact on its users and partners.
Photo Courtesy: Microsoft
Check out more of Benzinga's Consumer Tech coverage by following this link.
Read Next: Sundar Pichai’s Google Grapples With AI Mishaps Amid Worker Criticism, Yet Holds Title Of America’s Most Innovative Company
Disclaimer: This content was partially produced with the help of Benzinga Neuro and was reviewed and published by Benzinga editors.
