U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that Russian government-backed hackers stole emails from several U.S. federal agencies as a result of an ongoing cyberattack at Microsoft.
In a statement published Thursday, the U.S. cyber agency said the cyberattack, which Microsoft initially disclosed in January, allowed the hackers to steal federal government emails “through a successful compromise of Microsoft corporate email accounts.”
The hackers, which Microsoft calls “Midnight Blizzard,” also known as APT29, are widely believed to work for Russia’s Foreign Intelligence Service, or SVR.
If the US government is stupid enough to store data with Microsoft, they should not complain. OK, maybe they should, to Microsoft.
See also: https://www.theverge.com/2024/4/10/24126057/microsoft-azure-server-internal-passwords-exposed-cybersecurity