Russian hackers steal agencies' emails as part of Microsoft hack

Source: Axios

2 hours ago


Russian intelligence hackers stole emails between federal agencies and Microsoft and potentially collected login credentials during a recent breach of the tech company, a top U.S. cyber official said Thursday.

Why it matters: Microsoft has said that the hacking group, known as Midnight Blizzard, is continuing to target its networks in an effort to steal its source code and its customers' secrets.

The U.S. government is heavily reliant on Microsoft's products, including its cloud infrastructure and email servers.

Zoom in: The Cybersecurity and Infrastructure Security Agency (CISA) published an emergency directive Thursday requiring affected agencies to study the contents of stolen emails for signs of leaked login information and other sensitive details.

Microsoft has also notified "several" federal agencies that their login credentials, session tokens or other authentication data may have been included in those emails, Eric Goldstein, executive assistant director for cybersecurity at CISA, told reporters.

Agencies whose login credentials may have been exposed have until the end of the month to reset or deactivate any affected passwords, session tokens and API keys — as well as to study the activity of users whose credentials were exposed for signs of an intrusion.

CISA privately issued the directive to affected agencies last week. CyberScoop first reported on the advisory.

Read more: https://www.axios.com/2024/04/11/federal-government-microsoft-emails-hack

---

Link to CISA EMERGENCY DIRECTIVE - CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System