Hackers retrieve source code for Microsoft

Hackers retrieve source code for Microsoft
Hackers retrieve source code for Microsoft

Microsoft has formally acknowledged that Russian hackers known as Midnight Blizzard—also known as Cozy Bear and APT29—broke into its internal networks and grabbed source code from the company’s senior executives’ emails.

Microsoft has officially admitted that its internal networks were breached by Russian hackers known as Midnight Blizzard, also referred to as Cozy Bear and APT29, who stole source code from the emails of the company’s top executives. In its most recent filing with the US Securities and Exchange Commission, the tech giant identified the cyberattack as “active” and released a security upgrade.

Microsoft first disclosed the scope of this security incident in January, stating that Midnight Blizzard had access to “a very small number” of company email accounts, targ cybersecurity, and interactions with the legal department, focusing on communications within the legal department, cybersecurity, and leadership.

Microsoft promised at the time that no source code, Al technology, production systems, or customer data had been compromised. Recent events, however, suggest a change in the situation. Evidence has surfaced that demonstrates Midnight Blizzard initially pilfered data to attempt or obtain illegal access to Microsoft’s source code repositories and other internal systems.

Microsoft claims that none of the systems that directly serve customers have been compromised in spite of these vulnerabilities. However, it has been actively leveraging information that has been uncovered, such as encouraging and private correspondence between Microsoft and its clients.

However, the attackers have been actively utilizing leaked information, such as private correspondence between Microsoft and its clients, which has prompted the firm to contact impacted clients in order to provide mitigation.

This ongoing incident demonstrates the hackers’ persistent attempts to get access to other Microsoft accounts. It was started by a password spray attack in November without the protection of multi-factor authentication. A notable increase in attack attempts was seen in February.

The most recent financial statements from Microsoft indicate that there are no immediate operational or financial effects from the security flaw.

Also readWomen in the technology industry is constantly increasing, says Rajita Bhatnagar

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics.