New developments on the Microsoft data breach last January have revealed that the cyberattack has also impacted several US departments.
First reported by Bloomberg, the Department of Veteran Affairs and State Department subgroup US Agency for Global Media confirmed to have been impacted by the January cyberattack.
(Photo : Tim Heitman/Getty Images for BIG3)
Both agencies disclosed that Microsoft contacted them last March, two months since the Russian-based hacker group Midnight Blizzard attacked the company resulting in its source code and corporate emails being compromised.
The agencies, however, assured that the vulnerabilities were quickly resolved in addition to an ongoing investigation to determine the full impact of the cyberattack.
The new findings follow earlier reports of the Russian-based hackers accessing thousands of customer and client emails, including those from government departments.
Also Read: US Officials Confirm Russian Hackers Accessing Gov't Emails Via Microsoft Breach
Microsoft Alerts More Customers on Compromised Emails
In addition to government agencies, Microsoft has started sending notifications to its customers impacted by the data breach six months ago.
Several users first shared the email on Reddit to inquire about its legitimacy. Later analysis of the supposed alert email showed Microsoft advising affected customers to reauthorize access to the compromised email accounts.
Midnight Blizzard Microsoft Email Data Sharing Request: Legit?
byu/strategic_one inOffice365
Microsoft claimed that the emails are part of its "commitment to transparency" amid growing discontent among its users for repeated security vulnerabilities.
Microsoft Faces Gov't Scrutiny Amid Surging Data Breaches
Microsoft President Brad Smith has already testified to the Senate earlier last month to address mounting security concerns amid an increasing number of major data breaches on the tech giant.
Before the Midnight Blizzard incident, Microsoft reported in July 2023 a major cyber incident that led to over 60,000 State Department emails being compromised.
The Cybersecurity Review Board ruled that the incident was supposed to be "preventable" if not for Microsoft's "inadequate" security culture.
The review board advised a complete "overhaul" of the company's security system starting with an outlook plan to improve its systems.
Microsoft CEO Satya Nadella has since been reported as telling employees that the company is now putting its cyber defenses as its "No. 1 priority."
Related Article: Microsoft Scrutinized Over 'Inadequate' Security Practices in the US, Calls for 'Overhaul'
