The US Department of Veterans Affairs and an arm of the US State Department are among a growing list of Microsoft Corp. customers that have acknowledged they were impacted by a breach of the technology giant that was blamed on Russian state-sponsored hackers.
The US Agency for Global Media, part of the State Department that provides news and information in countries where the press is restricted, was notified “a couple months ago” by Microsoft that some of its data may have been stolen, a spokesperson said in an emailed statement. No security or personally identifiable sensitive data was compromised, the spokesperson said.
The agency is working closely with the Department of Homeland Security on the incident, the spokesperson said, declining to answer additional questions. A State Department spokesperson said, “We are aware that Microsoft is reaching out to agencies, both affected and unaffected, in the spirit of transparency.”
Microsoft disclosed in January that a Russian hacking group it calls Midnight Blizzard had accessed corporate email accounts and later warned that they were attempting to use secrets shared between the technology giant and its customers. The company has declined to identify the customers who were impacted.
“As our investigation continues, we have been reaching out to customers to notify them if they had corresponded with a Microsoft corporate email account that was accessed,” a Microsoft spokesperson said on Wednesday. “We will continue to coordinate, support and assist our customers in taking mitigating measures.”
In addition, the Department of Veterans Affairs was notified in March that it was impacted the Microsoft breach, officials for the agency said.
A one-second intrusion
The hackers used a single set of stolen credentials — found in the emails they accessed — to break into a test environment in the VA’s Microsoft Cloud account around January, the officials said, adding that the intrusion lasted for one second. Midnight Blizzard likely intended to check if the credentials were valid, presumably with the larger intention of breaching the VA’s network, the officials said.
The agency changed the exposed credentials, along with log-in details across their Microsoft environments, once they were notified of the intrusion, they said. After reviewing the emails that the hackers accessed, the VA determined that no additional credentials or sensitive email was taken, the officials…
Click Here to Read the Full Original Article at Fortune | FORTUNE…
