Russian Intelligence Agency Hacks Microsoft

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

Microsoft, the massive tech company behind Windows, faced a cyberattack from a Russian intelligence agency.

The attackers go by the name Nobelium, and this isn’t the first time they’ve attacked. They were responsible for the attack on SolarWinds, a global supply chain network. The attack had rippling ramifications that are still being worked through. Microsoft was also affected by the breach.

The group was also implicated in the 2016 breach of the Democratic National Committee (DNC). This attack launched a multi-year-long investigation proving its legitimacy.

Microsoft explained the situation in a regulatory filing that the attacks were launched the attack in early January.

“On January 12, 2024, Microsoft detected that beginning in late November 2023, a nation-state associated threat actor had gained access to and exfiltrated information from a very small percentage of employee email accounts,” the filing stated.

Information was also obtained from senior leadership and employees in the cybersecurity department. It’s unknown how sensitive the stolen information was. The Cybersecurity and Infrastructure Security Agency (CISA) immediately became involved, an investigation is currently underway.

“(We are) closely coordinating with Microsoft to gain additional insights into this incident and understand impacts so we can help protect other potential victims,” CISA said.

According to the filing, Microsoft was able to restrict the attacker’s access on Jan. 13, a full day later. It’s currently unknown exactly how much data was exfiltrated or what the nature of the data was.

“The Company (Microsoft) has not yet determined whether the incident is reasonably likely to materially impact the Company’s financial condition or results of operations,” CISA said.

Critics of Microsoft have pointed out that Microsoft’s not yet including basic security features like 2FA has put it and its user’s security in jeopardy.

“The U.S. government needs to reevaluate its dependence on Microsoft,” explains Sen. Ron Wyden (Oregon).

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends.

Leave a Comment