Don’t you want to know what the tech giants know about you? And that’s exactly what Russian government hackers want, too.
Microsoft on Friday unveiled the hacking group it calls Midnight Blizzard, also known as Abt29 Or Cozy Bear — which is widely believed to be sponsored by the Russian government — hacked into some of the company’s email accounts, including those of the company’s “senior leadership team and employees in cybersecurity, legal, and other functions.”
Oddly enough, the hackers did not go after customer data or traditional company information that they might normally have gone after. They wanted to know more about themselves, or more specifically, they wanted to know what Microsoft knew about them, according to the company.
call us
Do you have more information about this hack? We would love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, via Telegram, Keybase, Wire @lorenzofb, or email lorenzo@techcrunch.com. You can also contact TechCrunch via SecureDrop.
“The investigation indicates that they were initially targeting email accounts to obtain information related to Midnight Blizzard itself,” the company wrote. In a blog post And Securities and Exchange Commission disclosure.
According to Microsoft, the hackers used a “password spraying attack” — essentially a brute force technique — against an old account, and then used that account’s permissions “to access a very small percentage of Microsoft email accounts.”
Microsoft did not reveal the number of email accounts that were hacked, nor the information that the hackers accessed or stole.
Company spokespeople did not immediately respond to a request for comment.
Microsoft has used news of this hack to talk about how it can move forward to make itself more secure.
“For Microsoft, this incident highlighted the urgent need to move faster. “We will act immediately to apply our existing security standards to Microsoft-owned legacy systems and internal business processes, even when these changes cause disruption to existing business operations,” the company wrote. “This will likely cause some level of disruption as we adapt to this new reality, but this is a necessary step, and only the first of many steps we will take to embrace this philosophy.”
APT29, or Cozy Bear, is widely believed to be a Russian hacking group responsible for a series of high-profile attacks, such as those on SolarWinds in 2019, the Democratic National Committee in 2015, and many others.