Russian hackers broke into the email accounts of some of Microsoft’s top leadership, the company said Friday evening.
Microsoft said the hackers were members of a group that many in the cybersecurity industry have tied to Russia’s SVR spy agency. They apparently sought to spy on some Microsoft employees who track Russian hackers, the company said in a blog post, and then pivoted to the email accounts of its senior leadership and legal teams.
The SVR is Russia’s signals intelligence agency, comparable in its mission to the U.S. National Security Agency. The U.S. has accused the SVR of masterminding the SolarWinds hacking campaign of 2020, which is regarded as one of the most successful cyberespionage campaigns against the U.S. to date.
In November of last year, hackers bombarded a particular account with possible passwords to gain access, then used that account to gain permission to view the email accounts of select Microsoft employees and download attachments, the company said. It wasn’t clear why that account gave the hackers such access.
Microsoft said it discovered the hack last week and doesn’t believe customers or products were affected.
“We are in the process of notifying employees whose email was accessed,” the post said. “This attack does highlight the continued risk posed to all organizations from well-resourced nation-state threat actors.”
Russia's Ministry of Foreign Affairs didn't immediately respond to an emailed request for comment.