The attackers used a password spray attack - a process where multiple user names are tried against a constant password for a given account - to compromise a 'legacy, non-production test tenant account and gain a foothold, and then used the account's permissions to access a very small percentage of Microsoft's corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents.
This is the second time in the past six months that Microsoft has disclosed an embarrassing attack by state-aligned hackers. In July, the company announced that a Chinese-linked operation had successfully obtained an internal consumer signing key and used that to obtain access to email accounts connected with U.S. government officials.
[
add
]
[
|
|
...
]