Senior-leader’s Email and cybersecurity accessed by State-backed Russian hackers, says Microsoft.

Microsoft is the top-notch company in Redmond, Washington, and is famous for its software products, including the Microsoft Windows operating system, the Microsoft Office suite, and the Internet Explorer web browser. 

Recently, they were in controversy because their senior’s email was hacked by some state-backed Russian Hacker whom Microsoft called Midnight Blizzard. The reason behind this accident was Microsoft's earlier post. 

In August, Microsoft’s threat-intelligence team suspected that some Russian teams were trying to steal their credentials from at least 40 different global organizations through Microsoft Teams chats by brute-force attack technique. They also try to use a single shared password in multiple accounts. 

And in 2021, the 2020 SolarWinds hacking campaign was called by Microsoft, which was caught up and involved with Midnight Blizzard hackers.

Additionally, In 2023, They also faced criticism for getting hacked by Chinese hackers who stole confidential emails. 

The Leading controversy:

On Friday, Microsoft Company stated that Some Boston state-backed Russian hackers accessed the Email accounts of senior leadership, cybersecurity, and legal employees. They were discovered on January 12th, but the intrusion began in late November about the hacking. They also said that there are highly professional hackers from the Russian hacker team involved, and behind all of this, the SolarWinds breach was accountable. 

The company’s outspoken person said that some emails and attached documents were stolen, but Russian hackers accessed a very small percentage of Microsoft employees. 

In a regulatory filing Friday, They said that Microsoft company was able to terminate the permit of hackers from the compromised accounts on 13 January. They also did not comment on how many members or seniors had email-breaking problems. They also expressed that they are trying to notify each and every single employee whose mail was accessed by the hacker. Additionally, they talk about how hackers' main motive is to break their security to email accounts to get details related to their workouts. 

Because of Outdated Codes, the Russian SVR foreign intelligence agency was able to make access possible to their compromising credentials on a "legacy" test account. The hacker used The brute-force attack technique, which is known as  “password spraying,” and this helped the hacker to use the email accounts of seniors and employees with the account's permission to access them