Update on Russian state-backed attack on Microsoft's Legacy Systems

On Jan 12, 2024, Microsoft security team detected a nation-state attack on the Microsoft Corporate systems. The threat actor is identified as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium. This attack targeted a legacy non-production test environment account and gained access to it. Subsequently it used that account's permissions to access a very small portion of Microsoft Corporate email accounts, including members of the senior leadership team, and employees in the legal, cybersecurity, and other teams.

This attack signifies the importance of information security over your data. It is important to note that based on Microsoft's investigation, no customer data was accessed during this attack.

More can be found on the update below:

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center