Microsoft hack: users warned their emails may have been hacked by Midnight Blizzard

• Microsoft emails have been compromised by hackers Midnight Blizzard. 
• The group is believed to have links to the Russian Foreign Intelligence Service. 
• Customers affected by the hack are being contacted by Microsoft. 
• But some users raised concerns that Microsoft’s own email looked a bit like a phishing scam. 

Microsoft is urgently contacting users amid fears they may have been victims of a Russian hacking group. The tech giant admitted in January that it had been hit by an attack from the group “Midnight Blizzard”.

The company has been reaching out to more customers to inform them that their emails were part of a Russian state-sponsored hack. Microsoft is contacting affected users directly but it was previously admitted that US government agencies were among those who had been ensnared. 

It is not the first time that Microsoft has been hit by a major hack in recent years. Here’s all you need to know: 

What happened in the hack? 

In January of this year, Microsoft confirmed the hack and said that Midnight Blizzard had stolen senior leaders’ emails and were attempting to use them to crack customers’ information. Bloomberg reports that the tech giant is now reaching out to those affected by the hack. 

A spokesperson for the company said in a statement: “This week we are continuing notifications to customers who corresponded with Microsoft corporate email accounts that were exfiltrated by the Midnight Blizzard threat actor.” 

Microsoft contacts compromised customers 

Bloomberg saw one of the emails from Microsoft to the impacted customers and it included a link to review the compromised messages. 

The website reports that the email stated: “You are receiving this notification because emails were exchanged between Microsoft and accounts in your organisation, and those emails were accessed by the threat actor Midnight Blizzard as part of their cyberattack on Microsoft.” Some users on the social platform Reddit were left questioning if the email from Microsoft was a phishing email after receiving it, with one user writing: “Has anyone else received this email, or know of any legitimate campaign by Microsoft to identify individuals to release compromised emails to? I can't seem to find anything on the web that corroborates such a campaign.” 

What has the reaction been? 

The Midnight Blizzard hack is not the only security breach that Microsoft has had to deal with in recent years. In 2021, the Microsoft Exchange Servers were hit by a massive cyberattack with user details and passwords among the data compromised. 

In the US, the cyber security review board issued a damning report into the incident which concluded that “Microsoft’s security culture was inadequate and requires an overhaul”. It also found that “avoidable errors” allowed the “intrusion to succeed”. 

Who is Midnight Blizzard? 

Midnight Blizzard is the group responsible for the latest hack on Microsoft. Bloomberg reported that UK and US security agencies have said that it is part of the Russian Foreign Intelligence Service. 

The group has been known by many monikers including Cozy Bear, CozyDuke, Dark Halo and plenty of others. They are believed to have been responsible for hacks on Dutch ministries in 2017, Republican National Committee in 2021 and now Microsoft. 

Ransomware attacks and other cybersecurity breaches continue to be a major threat in the 2020s and if you are perhaps wondering what it is like to work in the CyberSec industry, YouTuber Grant Collins has a great video on the differences between the expectations and realities. It is just 10 minutes and can be watched on his channel right now.