Straitstimes.com header logo

Microsoft informs customers that Russian hackers spied on e-mails

Sign up now: Get ST's newsletters delivered to your inbox

Microsoft said it was also sharing the compromised emails with its customers, but did not say how many customers had been impacted, nor how many emails may have been stolen.

Microsoft did not say how many customers had been impacted, nor how many e-mails may have been stolen.

PHOTO: AFP

Follow topic:

SAN FRANCISCO/BENGALURU Russian hackers who broke into Microsoft’s systems and spied on staff inboxes earlier in 2024 also stole e-mails from its customers, the tech giant said on June 27, around six months after it first disclosed the intrusion.

The disclosure underscores the breadth of the breach as Microsoft faces increasing regulatory scrutiny over the security of its software and systems against foreign threats. An allegedly Chinese hacking group that separately

breached Microsoft in 2023 stole thousands of US government e-mails.

The Russian government has never responded to the Microsoft hacking allegations, but Microsoft has said the hackers targeted cyber-security researchers who had been investigating the Russian hacking group’s actions.

“This week, we are continuing notifications to customers who corresponded with Microsoft corporate e-mail accounts that were exfiltrated by the Midnight Blizzard threat actor,” a Microsoft spokesperson said in an e-mailed statement. Bloomberg first reported on the action earlier in the day.

Microsoft said it was also sharing the compromised e-mails with its customers, but did not say how many customers had been impacted, nor how many e-mails may have been stolen.

“This is increased detail for customers who have already been notified and also includes new notifications,” the spokesperson said.

“We’re committed to sharing information with our customers as our investigation continues.”

Back in January, the world’s largest software vendor had said Midnight Blizzard had accessed “a very small percentage” of the company’s corporate e-mail accounts.

Four months later, it said those hackers were still trying to break in, alarming many of its security industry peers and customers who questioned why Microsoft’s systems remained vulnerable.

Those intrusions and the Chinese hack in 2023 prompted a congressional hearing earlier in June, where Microsoft president Brad Smith said the company was working on overhauling its security practices. REUTERS

More on this topic
Germany and allies accuse Russia of cyber attacks
US charges Russian over Ukraine hack, offers $13.5 million reward for info
See more on

E-paper

Newsletters

Podcasts

RSS Feed

About Us

Terms & Conditions

Privacy Policy

Need help? Reach us here.

Advertise with us

Download the app

Get unlimited access to exclusive stories and incisive insights from the ST newsroom
Subscribe Placeholder
MDDI (P) 046/10/2025. Published by SPH Media Limited, Co. Regn. No.202120748H. Copyright © 2025 SPH Media Limited. All rights reserved.