Microsoft informs customers affected by Midnight Blizzard espionage

Microsoft is informing affected customers that their communications with Microsoft have been spied on by the Russian cyber gang Midnight Blizzard. The company has confirmed this to heise online.

At the beginning of the year, it became known that the criminal group Midnight Blizzard had gained access to emails from Microsoft employees. Group members had used password spraying to gain access to Microsoft accounts. The email accounts of high-ranking managers and employees responsible for cybersecurity, among other things, were affected, Microsoft announced at the time.

Information for affected customers

When asked by heise online, a Microsoft spokesperson stated: "This week, we are notifying customers who have corresponded with Microsoft's business email accounts that were exfiltrated by the Midnight Blizzard threat actors". The company is making available the email correspondence that was accessed by the criminals. "This deepens the detail for customers who have already been notified and also includes new notifications. As we have previously communicated, we are sharing information with our customers as our investigation progresses," the Microsoft employee concludes the statement.

These are emails that customers have exchanged with Microsoft. No customer systems were affected, Microsoft also emphasizes. Microsoft did not respond to the question of how many customers are affected, the number of emails spied on, or whether customers from Europe are also among the victims.

Microsoft discovered the attacks in mid-January of this year, dating back to November 2023. Midnight Blizzard, also known as Cozy Bear, is considered a state-supported Russian cyber gang with links to the Russian Secret Service. The criminal group is also believed to be behind the current attacks on the remote maintenance provider Teamviewer.

(dmk)