Russian hackers stole federal correspondence with Microsoft

Maggie Miller

April 11, 2024 at 4:38 PM·2 min read

Russian government-linked hackers stole correspondence between a number of U.S. federal agencies and Microsoft in a monthslong hack this year, the Cybersecurity and Infrastructure Security Agency said Thursday.

While the hack itself has been known since January, CISA’s disclosure is the first acknowledgment that federal agency emails with Microsoft were stolen.

The new details are likely to increase scrutiny of Microsoft, which has been under the federal spotlight in recent weeks for a separate hack of its systems by Chinese hackers.

New orders: The extent of the Russian hack was spelled out in an emergency directive issued by CISA on April 2 to federal agencies and made public on Thursday. It ordered agencies to take steps to immediately identify all compromised email correspondence, and to reset credentials for those accounts. The directive was reported last week by CyberScoop, but without mention that the correspondence between Microsoft and federal agencies was specifically targeted.

The directive reported that Russian hacking group Midnight Blizzard breached email accounts at an undisclosed number of federal agencies and stole emails between Microsoft and the agencies. Midnight Blizzard is Microsoft’s name for the prolific Russian government hackers behind the 2016 attack on the Democratic National Committee and for the SolarWinds hack in 2020 that led to the compromise of around a dozen U.S. federal agencies.

Eric Goldstein, executive assistant director for cybersecurity at CISA, said during a call on the directive Thursday that CISA was “not aware” of any breaches in production environments at federal agencies, but said the breach was an “exigent threat” to the government. Goldstein would not comment on the number of agencies impacted by the breach.

Intensification: The directive described the breach as “a grave and unacceptable risk to agencies.” CISA also notes in the document that Microsoft informed the agency that after the initial breach in January, Microsoft saw a “10-fold” increase in the attack overall, including mass efforts to use passwords from other compromised accounts.

CISA noted in the directive that Microsoft had notified all affected agencies, and that Microsoft was providing metadata for all compromised emails. Microsoft noted in a statement Thursday, “as we discover secrets in our exfiltrated email, we are working with our customers to help them investigate and mitigate. This includes working with CISA on an emergency directive to provide guidance to government agencies.”

John Sakellariadis contributed to this report.

TechCrunch
US says Russian hackers stole federal government emails during Microsoft cyberattack
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that Russian government-backed hackers stole emails from several U.S. federal agencies as a result of an ongoing cyberattack at Microsoft. In a statement published Thursday, the U.S. cyber agency said the cyberattack, which Microsoft initially disclosed in January, allowed the hackers to steal federal government emails "through a successful compromise of Microsoft corporate email accounts."
Yahoo Sports
NBA playoffs: Officials admit they flubbed critical kick-ball call in controversial final minute of Pacers-Knicks
Tuesday's last-2-minute report should be interesting.
Yahoo Sports
NBA playoffs: Timberwolves swarm Nuggets to take commanding 2-0 series lead over champs
The way things are going, the reigning champion Nuggets may not play another game at home this season.
Yahoo Life Shopping
The 24 best gifts for the mom who says she has everything
We've got unique gift ideas for every kind of mom, whether she prefers something useful, fanciful or just fun.
Yahoo TV
Tom Selleck hopes CBS execs 'come to their senses' and save 'Blue Bloods' from cancellation
The actor isn’t ready to say goodbye to Frank Reagan, he tells Yahoo. CBS’s plans to end the show in the fall have been “frustrating” when “we're still bringing it.”
Yahoo Life Shopping
The 24 best Mother's Day gifts for every budget in 2024
Find the perfect Mother's Day gift idea under $25, under $50, under $100 or under $200.
Yahoo Sports
NBA playoffs: Jalen Brunson scores 43 points, Knicks outlast Pacers for 121–117 win in Game 1
Jalen Brunson scored 43 points, leading the New York Knicks to a 121–117 win over the Indiana Pacers in Game 1 of their second-round NBA playoff series.
TechCrunch
This year's Met Gala theme is AI deepfakes
Whether you love or hate celebrity culture, the Met Gala is an event. In the photo, Katy Perry appears to be wearing a massive gown decorated with three-dimensional floral appliques. As the pearlescent gown drapes down to the ground, its long train fades into realistic-looking moss, which cascades across the beige and red Met Gala carpet.
Yahoo Sports
Sky rookie, No. 3 WNBA pick Kamilla Cardoso out at least 4-6 weeks with shoulder injury
Cardoso led South Carolina to a national championship, then became the third pick in last month's WNBA Draft by Chicago.
Yahoo Life Shopping
The 34 best gift ideas for women, to treat her like the queen she is
Want a unique present for your wife, mom or bestie? She'll love these finds from Lululemon, Sephora, Anthropologie and beyond.
Yahoo Life Shopping
The 25 best last-minute Mother's Day gifts to shop now
It's not too late! Score free, fast shipping on these last-minute gifts for Mom.
Yahoo Life
Bird flu: The latest on U.S. spread, the safety of milk and more precautions
Everything you need to know about the spread of avian influenza, aka bird flu, in the U.S. and new precautions for farmworkers.
TechCrunch
Wayve raises $1B to take its Tesla-like technology for self-driving to many carmakers
Wayve, a U.K.-born startup developing a self-learning rather than rule-based system for autonomous driving, has closed $1.05 billion in Series C funding led by SoftBank Group. The company plans to use the fresh capital injection to develop its product for "eyes on" assisted driving and "yes off" fully automated driving and other AI-assisted automotive applications. San Francisco has become known as the epicenter for autonomous driving roll-outs, with Alphabet-owned Waymo and GM-owned Cruise both operating services in the city.
Yahoo Sports
Victor Wembanyama wins NBA Rookie of the Year via unanimous vote after delivering on unprecedented hype
Victor Wembanyama did everything for the Spurs as a rookie.
Yahoo Life Shopping
The 23 best gifts for your mother-in-law in 2024
Win her over with these thoughtful picks from Sephora, Uncommon Goods, Amazon and Walmart.
Yahoo Finance
Lucid stock down on Q1 loss, confirms Gravity SUV on track for 'late 2024' launch
EV maker Lucid reported mixed first quarter results as a wider-than-expected loss trumped the company's confirmation that its Gravity SUV is still on track for a 2024 debut.
Yahoo Sports
2024 NBA offseason previews: Teams' needs, free agents, draft picks, cap space and more
The 2023-024 NBA season isn't yet over. A number of teams are still dreaming of championship glory. But for those that have been bounced from the playoffs, it's time to reassess and re-evaluate for next season.
Yahoo Finance
Social Security just passed Medicare as the government's most pressing insolvency risk
An annual government report offered a glimmer of good news for Social Security and a jolt of good news for Medicare even as both programs continue to be on pace to run dry next decade.
Yahoo Finance
Stock market today: Stocks climb as S&P 500 notches best 3-day run of 2024
Stocks rallied at the end of last week, getting a boost from a "Goldilocks" jobs report.
Yahoo Finance
IBM CEO Arvind Krishna: Why the economy has slowed, and how AI is benefiting
IBM chairman and CEO Arvind Krishna shares his thoughts on why the economy has slowed, and why AI is benefiting from it.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Russian hackers stole federal correspondence with Microsoft

Recommended Stories

US says Russian hackers stole federal government emails during Microsoft cyberattack

NBA playoffs: Officials admit they flubbed critical kick-ball call in controversial final minute of Pacers-Knicks

NBA playoffs: Timberwolves swarm Nuggets to take commanding 2-0 series lead over champs

The 24 best gifts for the mom who says she has everything

Tom Selleck hopes CBS execs 'come to their senses' and save 'Blue Bloods' from cancellation

The 24 best Mother's Day gifts for every budget in 2024

NBA playoffs: Jalen Brunson scores 43 points, Knicks outlast Pacers for 121–117 win in Game 1

This year's Met Gala theme is AI deepfakes

Sky rookie, No. 3 WNBA pick Kamilla Cardoso out at least 4-6 weeks with shoulder injury

The 34 best gift ideas for women, to treat her like the queen she is

The 25 best last-minute Mother's Day gifts to shop now

Bird flu: The latest on U.S. spread, the safety of milk and more precautions

Wayve raises $1B to take its Tesla-like technology for self-driving to many carmakers

Victor Wembanyama wins NBA Rookie of the Year via unanimous vote after delivering on unprecedented hype

The 23 best gifts for your mother-in-law in 2024

Lucid stock down on Q1 loss, confirms Gravity SUV on track for 'late 2024' launch

2024 NBA offseason previews: Teams' needs, free agents, draft picks, cap space and more

Social Security just passed Medicare as the government's most pressing insolvency risk

Stock market today: Stocks climb as S&P 500 notches best 3-day run of 2024

IBM CEO Arvind Krishna: Why the economy has slowed, and how AI is benefiting