Microsoft's Threat Intelligence team, stating that the group has been targeting various organisations. Microsoft has initiated notification processes for the targeted entities. Also Read | FTC launches inquiry into artificial intelligence deals such as Microsoft's OpenAI partnership Recent developments suggest that Midnight Blizzard's activities extend beyond Microsoft.
Hewlett Packard Enterprise Co. (HPE) reported a breach in its cloud-based email system on January 24, attributing it to the activities of Midnight Blizzard. This signals a broader reach for the hacking group.
In a prior disclosure, Microsoft revealed that the group compromised a "legacy non-production test tenant account" to gain access to a "small number" of email accounts, including those of senior leadership and employees in cybersecurity and legal roles. Also Read | Microsoft lays off 1,900 Activision Blizzard, Xbox staff: Report The initial target was information about Midnight Blizzard itself. The investigation later revealed that the compromised email account lacked multifactor authentication, a standard security measure.
Hewlett Packard Enterprise (HPE), an information technology provider, reported that it was notified on December 12 about a breach by a nation-state hacking group in its email systems. Investigators believe the hackers accessed and infiltrated data starting in May, primarily targeting a small percentage of HPE mailboxes from employees in cybersecurity and other departments. Also Read | AI race propels Silicon Valley tech firms Microsoft, Meta, and Google to new highs.
Read more on livemint.com