The Washington Post reported Russian hackers hacked into the computer systems of a Microsoft corporate partner and stole emails from users of Microsoft cloud services, as well as the correspondence of one of the private companies.
Microsoft itself stated that it did not identify any vulnerabilities and traces of hacking of the products or cloud service provided.
“Our investigation of recent attacks has identified incidents of abuse of credentials to gain access. We have not yet identified any vulnerabilities or compromises on Microsoft products or cloud services, ”explained Jeff Jones, senior director of communications.
We will remind, earlier Microsoft discovered malware in its networks, thus adding to the list of companies affected by the hacking of the Texas software manufacturer SolarWinds. Microsoft has notified "more than 40 customers" of the breach, some of which has been compromised by a third party. Specifically, attackers compromised the reseller by stealing credentials that could be used to gain broad access to Azure accounts. Once inside a particular customer's account, the attackers were able to read and steal emails and other information.
Microsoft is users of SolarWinds' Orion IT resource management platform, which has been updated with malware by hackers. The company also has products that could be used by attackers to further attack its customers. So, on Thursday, December 17, the US National Security Agency even published a security notice describing how certain Microsoft Azure cloud services could be compromised by cybercriminals and redirect users to further block their systems.
Microsoft has said the company has notified private sector customers of the issue and has also informed the US government, but sources for the publication said the government was not notified.
In addition, specialists from the American information security company Crowdstrike said that hackers who attacked government and private organizations in the United States tried unsuccessfully to gain access to her mail. As noted by experts, on December 15, Microsoft representatives notified the company about the alleged “several months ago” attempts to gain access to its systems using one of the accounts on the Microsoft cloud platform.