Midnight Blizzard, also known as Nobelium, broke into a “small percentage” of corporate email accounts last week, including several top executives, and successfully exfiltrated some emails and documents, the company said.
Microsoft said it believes the hackers were targeting accounts containing information about their own group, Midnight Blizzard, which has been linked to the Russian Foreign Intelligence Service, or SVR. The SVR has been accused for several high-profile intrusions, including at the Pentagon in 2015, and the Democratic National Committee in 2016.
The attack was not a result of a vulnerability, according to Microsoft, but a reminder of the “risk posed to all organizations from well-resourced nation-state threat actors like Midnight Blizzard.”
Microsoft is in the process of notifying the employees whose emails were accessed in the breach.