Microsoft hacked by Russian group, gaining access to source code repositories

​

Back in January 19th, Microsoft posted an entry in their blog about the company detecting a "nation-state attack" on January 12th that affected several of their systems. Back in January, Microsoft worked on mitigating, disrupting and investigating the attack, which according to Microsoft's investigations, led to the threat actor being Midnight Blizzard, a Russian state-sponsor actor that also goes by the name of NOBELIUM.

According to their initial blog post, the way in which the attackers gained access to Microsoft's systems was through a password spray attack, then gaining access to a portion of corporate Microsoft email accounts, but back then they assessed that the attack didn't show evidence of any stolen assets or data, but unfortunately for them, an update on the situation states the opposite.

In a new blog post just released minutes ago, Microsoft has stated that, with the elevated access they gain during the hack, the attackers accessed Microsoft's source code repositories and internal systems, with Microsoft claiming that one of the potential goals is to use the company's secrets, to which some of these have been shared with some of Microsoft's customers via email.

Additionally, Microsoft mentions that Midnight Blizzard's attacks seems to have increased during February, and that they will continue to work on mitigating and investigating the attacking activities.

Source