Both UK government and Microsoft dismiss severity of attacks.
Russia-linked espionage attacks access corporate emails and data on individuals from the British government earlier this year.
According to The Record, the Russian group initially targeted Microsoft, which supplies corporate services to the Home Office, before exploiting this access to compromise data from several of Microsoft’s clients.
After Microsoft disclosed in January that “Midnight Blizzard” - which the UK attributes to Russian intelligence agency - accessed email accounts of senior leaders at the company, and customers’ emails as well as Microsoft’s own “source code repositories and internal systems.”
A comment sent to The Record said that the Russian spies had not accessed the Home Office's own systems, and compromised corporate email data shared between Microsoft and the Home Office that was held by Microsoft.
Also a spokesperson for Microsoft said there is no evidence that any Microsoft-hosted customer-facing systems had been compromised as a result of the attack against Microsoft that we shared in January.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
