Russian hackers steal agencies' emails as part of Microsoft hack
Source: Axios
2 hours ago
Russian intelligence hackers stole emails between federal agencies and Microsoft and potentially collected login credentials during a recent breach of the tech company, a top U.S. cyber official said Thursday.
Why it matters: Microsoft has said that the hacking group, known as Midnight Blizzard, is continuing to target its networks in an effort to steal its source code and its customers' secrets.
The U.S. government is heavily reliant on Microsoft's products, including its cloud infrastructure and email servers.
Zoom in: The Cybersecurity and Infrastructure Security Agency (CISA) published an emergency directive Thursday requiring affected agencies to study the contents of stolen emails for signs of leaked login information and other sensitive details.
Microsoft has also notified "several" federal agencies that their login credentials, session tokens or other authentication data may have been included in those emails, Eric Goldstein, executive assistant director for cybersecurity at CISA, told reporters. Agencies whose login credentials may have been exposed have until the end of the month to reset or deactivate any affected passwords, session tokens and API keys as well as to study the activity of users whose credentials were exposed for signs of an intrusion. CISA privately issued the directive to affected agencies last week. CyberScoop first reported on the advisory.
Read more: https://www.axios.com/2024/04/11/federal-government-microsoft-emails-hack
Link to CISA EMERGENCY DIRECTIVE - CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System
IronLionZion
(45,619 posts)
Which is a not-so-hidden plank in Trump's platform
sybylla
(8,533 posts)
How ballsy! /sarcasm.
JFC, Microsoft.
No cloud. No thank you. (she says, sitting on her pile of thumb drives and terabyte externals still flipping the bird at MS since 1997)
ffr
(22,676 posts)
if you do online banking or share your computer with family members with their own access to install potential data-stealing malware on such devices (computers).
FakeNoose
(32,866 posts)
This just boggles my mind.
BumRushDaShow
(129,913 posts)
I expect most have their own datacenters and use the "enterprise" version vs the 365.
Those that have offices overseas often have to use an encrypted cloud though.