Hackers affiliated with the Russian government have reportedly accessed emails from at least one company in the private sector and accessed Microsoft cloud customers' information through a third party, The Washington Post reported Thursday, citing people familiar with the matter.
The newspaper’s sources said the hackers seemed to have accessed the materials through an unidentified corporate partner of the tech giant.
“Our investigation of recent attacks has found incidents involving abuse of credentials to gain access, which can come in several forms,” Jeff Jones, Microsoft’s senior director for communications, said in a statement Thursday. “We have still not identified any vulnerabilities or compromise of Microsoft product or cloud services.”
Numerous government agencies as well as universities and a hospital have been compromised in recent weeks by what experts believe to have been Russian hackers. As recently as last week, Microsoft President Brad Smith said none of the company’s customers appeared to be affected.
Smith made the comments two days after Microsoft informed CrowdStrike, a cybersecurity company, that it had detected a Microsoft Azure account used for CrowdStrike’s Microsoft Licenses making “abnormal calls to Microsoft cloud APIs,” according to a CrowdStrike blog post.
“CrowdStrike conducted a thorough review into not only our Azure environment, but all of our infrastructure for the indicators shared by Microsoft,” the post stated. “The information shared by Microsoft reinforced our conclusion that CrowdStrike suffered no impact.”
People familiar with the issues told the Post the company itself was not hacked. However, “[i]f it’s true that a cloud service provider customer’s data has been exfiltrated and is in the hands of some threat actor, that’s a very serious situation,” John Reed Stark, the former head of the Securities and Exchange Commission’s Office of Internet Enforcement, told the Post.
A Microsoft spokesperson told The Hill that the abuse techniques observed were not specific to Amazon cloud services, and that the company is keeping government authorities in the loop on any new developments in the investigations.