US Government Agencies Impacted by Microsoft Breach Linked to Russian Hackers
The US Department of Veterans Affairs and a division of the US State Department, among other entities, have acknowledged being affected by a recent breach of Microsoft Corp. attributed to hackers sponsored by the Russian state. The US Agency for Global Media, part of the State Department, was notified a few months ago that some of its data might have been compromised. However, no security or sensitive personal data were affected, according to a spokesperson. The agency is collaborating closely with the Department of Homeland Security on this matter.
Microsoft had publicly disclosed in January that a hacking group it identifies as Midnight Blizzard accessed corporate email accounts and were potentially exploiting shared secrets between the tech giant and its clients. The company, maintaining transparency, has reached out to both impacted and unaffected agencies. The Department of Veterans Affairs reported an intrusion in March, where hackers accessed a test environment in its Microsoft Cloud account for merely a second using a stolen set of credentials. The agency has since secured all exposed credentials across its Microsoft environments.
The Peace Corps were also notified by Microsoft about the breach linked to Midnight Blizzard, enabling their technical team to mitigate the vulnerability. Other federal agencies queried by Bloomberg did not disclose any impact from the attack. Previously, it was reported that more than a dozen Texas state agencies and public universities were also exposed due to this Russian hack.
Midnight Blizzard, known in cybersecurity as “Cozy Bear” or “APT29,” is affiliated with Russia’s foreign intelligence service, according to US and UK officials. In April, federal agencies in the US were directed to scrutinize emails, reset compromised passwords, and secure Microsoft cloud accounts to prevent the hackers from accessing correspondence. Microsoft has continued to inform its customers over recent months if their communications with the company were accessed by the Russian hackers.
This breach highlights a series of major security lapses at Microsoft, drawing sharp criticism from the US government. Microsoft's President Brad Smith recently testified before Congress, admitting the company's security shortcomings and committing to enhancing their cybersecurity measures.