Microsoft has notified customers that the Russian criminals who compromised its systems earlier this year stole even more emails than it first admitted.
Russian hackers who broke into Microsoft’s systems and spied on staff inboxes earlier this year in January also stole emails from its customers, the Redmond-based company admitted last Thursday, around six months after it first disclosed the cyberattack.
Microsoftpreviously informed some individuals that their emails were viewed, but the company is now providing more specific details about the impacted accounts, Bloomberg reports.
“We are continuing notifications to customers who corresponded with Microsoft corporate email accounts that were exfiltrated by the Midnight Blizzard threat actor, and we are providing the customers the email correspondence that was accessed by this actor,” a Microsoft spokesperson toldBloomberg(the article is paywalled).
“This is increased detail for customers who have already been notified and also includes new notifications.”
Microsoft is also sharing the compromised emails with its customers. However, the company has not yet disclosed the total number of impacted individuals or the volume of stolen emails.
The tech giantsaid in Januarythat a Russia-based threat actor, Midnight Blizzard, had accessed “a very small percentage” of the company’s corporate email accounts. Employees with compromised emails included members of the senior leadership, cybersecurity, and legal teams.
Later in March, the company said thosehackers were still trying to break in, but it maintained that there’s “no evidence” so far that thecyberattackcompromised any customer-facing systems.
Related:
Anurag Singh was a Tech Writer on Dexerto’s UK team, expertly covering laptops, smartphones, and wearables. He covers the biggest tech news from major brands such as Apple, Samsung, and Microsoft. He also has bylines at Android Police, Neowin, MakeTechEasier, Gizmochina.
