The Microsoft hack affected the Departments of Veterans Affairs and State Departments, the government said
The US Department of Veterans Affairs and an arm of the US State Department are among Microsoft Corp.’s growing list of customers. admitted to being affected by the tech giant’s breach that was allegedly carried out by state-sponsored Russian hackers.
The US Agency for Global Media, which is part of the State Department that provides news and information to countries where the media is banned, was notified “several months ago” by Microsoft that some of its data may have been stolen, a spokesperson said in a statement. emailed statement. No sensitive security or personal data has been compromised, a spokesperson for the department said.
The agency is working closely with the Department of Homeland Security on this incident, said a spokesperson for the department, refusing to answer further questions. A State Department spokesperson said, “We know that Microsoft is reaching out to entities, both affected and unaffected, in the spirit of transparency.”
Microsoft disclosed in January that a group of Russian hackers it called Midnight Blizzard had accessed corporate email accounts and later warned that it was trying to exploit secrets shared between the tech giant and its customers. The company declined to identify the affected customers.
“As our investigation continues, we have been contacting customers to let them know if their connection to a Microsoft company email account was accessed,” a Microsoft spokesperson said Wednesday. “We will continue to coordinate, support and assist our customers in taking mitigation measures.”
In addition, the Department of Veterans Affairs was notified in March that it contributed to Microsoft’s violations, agency officials said.
One second entry
Hackers used a single set of stolen credentials — found in emails they found — to log into a checkpoint on the VA’s Microsoft Cloud account around January, officials said, adding that the login took about one second. Midnight Blizzard may have intended to test the validity of the warrants, perhaps with the ultimate goal of breaching the VA network, officials said.
The agency changed the exposed information, as well as the login credentials for all of their Microsoft locations, once they were notified of the breach, they said. After reviewing the emails the hackers accessed, the VA determined no additional credentials or sensitive email was taken, officials said.
Terrence Hayes, VA press secretary, said the investigation is ongoing to determine any additional impact.
The Peace Corps was also contacted by Microsoft and informed about the Midnight Blizzard breach, according to a statement from its press office. “Based on this notification, the Peace Corps technical staff was able to reduce the risk,” according to the agency. The Peace Corps declined further comment.
Bloomberg News asked other government agencies for comment, and none said they were affected by the Midnight Blizzard attack on Microsoft. Bloomberg previously reported that more than a dozen Texas government agencies and public universities were exposed by the Russian hack.
Midnight Blizzard, also known in cybersecurity circles as “Cozy Bear” and “APT29,” is part of Russia’s foreign intelligence service, according to US and UK authorities.
In April, US government agencies were ordered to analyze emails, reset passwords and work to secure Microsoft cloud accounts amid fears that the Midnight Blizzard could reach the books. Microsoft has been notifying some customers in the months since that their emails with the tech giant were accessed by Russian hackers.
The Midnight Blizzard breach was one of a series of high-profile and damaging security failures at the Redmond, Washington-based technology company, which has drawn heavy criticism from the US government. Microsoft President Brad Smith appeared before Congress last month where he acknowledged security failures and vowed to improve the company’s operations.
Source link