Microsoft has disclosed that Russian hackers who infiltrated its systems and accessed staff emails earlier this year also stole emails from its customers. This announcement, made six months after the initial breach was revealed, highlights the extensive impact of the attack. The disclosure comes amid increasing regulatory scrutiny of Microsoft's software and systems security against foreign threats.
A separate incident involving a Chinese hacking group last year resulted in the theft of thousands of U.S. government emails. The Russian government has not responded to allegations regarding the Microsoft hack, but Microsoft stated that the hackers targeted cybersecurity researchers investigating the Russian group's actions.
"We are continuing to notify customers whose correspondence with Microsoft corporate email accounts was exfiltrated by the Midnight Blizzard threat actor," a Microsoft spokesperson said in an emailed statement.
Microsoft is informing affected customers and sharing the compromised emails but has not disclosed the number of impacted customers or the volume of stolen emails.
These incidents, along with the Chinese hack, led to a Congressional hearing where Microsoft President Brad Smith stated that the company is working on overhauling its security practices.In other news, Microsoft has appointed Mustafa Suleyman and Karén Simonyan, co-founders of AI startup Inflection AI, along with their adept team members, to spearhead Microsoft's new AI venture.