Advertisement

U.S. cyber agency says its emails with Microsoft stolen by Russian hackers

Click to play video: 'Microsoft report finds China, North Korea ‘likely’ to try to interfere in U.S. elections'
Microsoft report finds China, North Korea ‘likely’ to try to interfere in U.S. elections
WATCH: Microsoft report finds China, North Korea ‘likely’ to try to interfere in U.S. elections – Apr 5, 2024

The U.S. Cybersecurity and Infrastructure Security Agency said Russian government-backed hackers have used their access to Microsoft’s email system to steal correspondence between officials and the tech giant, an emergency directive by the U.S. watchdog released on Thursday showed.

In the directive dated April 2, the agency warned that hackers were exploiting authentication details shared by email to try to break into Microsoft’s customer systems, including those of an unspecified number of government agencies.

The warning that government agencies are being targeted using stolen Microsoft emails follows the company’s announcement in March that it was still wrestling with the intruders, which it nicknames “Midnight Blizzard.”

Breaking news from Canada and around the world sent to your email, as it happens.

That disclosure, which set alarm bells ringing across the cybersecurity industry, was followed just last week by a report from the U.S. Cyber Safety Review Board which said that a separate hack – blamed on China – had been preventable, faulting the company for cybersecurity lapses and a deliberate lack of transparency.

Story continues below advertisement
Click to play video: 'Blinken warns risks of disinformation, falsehoods over U.S. election'
Blinken warns risks of disinformation, falsehoods over U.S. election

CISA declined to name agencies that might have been affected. Microsoft said in an email that it was “working with our customers to help them investigate and mitigate. This includes working with CISA on an emergency directive to provide guidance to government agencies.”

The Russian Embassy in Washington, which in the past has denied being behind hacking campaigns, did not immediately return a message seeking comment.

CISA warned that the hackers might have gone after non-governmental groups as well.

“Other organizations may also have been impacted by the exfiltration of Microsoft corporate email,” CISA said, encouraging customers to contact Microsoft for further details.

Sponsored content

AdChoices