Updated April 12th, 2024 at 16:50 IST

US security agency accuses Russian hackers of stealing govt emails in Microsoft breach

According to the directive dated April 2nd, the hackers used compromised authentication details from emails to infiltrate Microsoft's customer systems.

Reported by: Business Desk
Microsoft | Image:Pexels
Advertisement

Microsoft data breach: The US Cybersecurity and Infrastructure Security Agency has issued an emergency directive revealing that Russian government-backed hackers exploited vulnerabilities in Microsoft's email system to pilfer correspondence between officials and the tech giant. 

According to the directive dated April 2nd, the hackers used compromised authentication details from emails to infiltrate Microsoft's customer systems, potentially including those of various government agencies. The disclosure comes in the wake of Microsoft's acknowledgement in March of ongoing struggles with these intruders, dubbed "Midnight Blizzard," sparking concerns throughout the cybersecurity realm.

Advertisement

Just last week, the US Cyber Safety Review Board attributed another hack, attributed to China, to preventable cybersecurity lapses and a lack of transparency on Microsoft's part. However, CISA refrained from identifying specific agencies affected by the recent Russian-backed hacking campaign. Microsoft responded by stating they are collaborating with affected customers and CISA to investigate and address the situation.

The Russian Embassy in Washington, historically denying involvement in hacking activities, has yet to comment on the matter. CISA also cautioned that non-governmental organizations may have been targeted as well, advising affected parties to reach out to Microsoft for further assistance.

Advertisement

(With Reuters inputs)

Advertisement

Published April 12th, 2024 at 16:50 IST