Members of Microsoft's senior leadership team in, among others, its legal and cybersecurity divisions have had emails and documents stolen.
Russian state-sponsored group, Midnight Blizzard aka Nobelium, claimed responsibility for the attack in which, according to Microsoft, a small percentage of their corporate email accounts were hacked. Microsoft stated that the intent of the attack was to learn what the tech giant knew about Midnight Blizzard's operations.
The company said the hackers used a password spray attack to "compromise a legacy non-production test tenant account and gain a foothold". The attack, which began in November 2023, used the same compromised password for related accounts ... in this case, Microsoft corporate email accounts.
"To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems," said Microsoft in a statement. "We will notify customers if any action is required."
Microsoft said they will act immediately to apply their current security standards to Microsoft-owned legacy systems and internal business processes: "This will likely cause some level of disruption ... but this is a necessary step, and only the first of several we will be taking to embrace this philosophy."
Microsoft is continuing their investigation into the incident and will continue working with law enforcement and appropriate regulators.