Microsoft Says Its Customer Support Tools, Users' Information Were Exploited By The Hackers Behind SolarWinds

This article has been updated.

On Friday, Microsoft Corporation MSFT said that hackers behind the SolarWinds attack had gained access to its customer service agent's device.

What Happened: According to Microsoft, Nobelium, the group behind the SolarWinds cybersecurity attack, used the information extracted from the tools to start highly-targeted attacks on specific Microsoft customers.

The company said it had found the tracks during its response to hacks by a team it identified as responsible for earlier significant breaches. 

The agent, whose device was compromised, could see things like what services customers used and their billing contact information.

"A sophisticated Nation-State associated actor that Microsoft identifies as Nobelium accessed Microsoft customer support tools to review information regarding your Microsoft Services subscriptions," Reuters quoted the warning letter, which was sent by Microsoft to its customers.

The company has warned its customers that they need to be careful about their billing contacts and log-in credentials. It also requested customers to change usernames and email addresses.  

Why It Matters: According to the Department of Homeland Security, the attackers also took advantage of weaknesses in the Microsoft programs that were configured at the SolarWinds customers and others.

Later, Microsoft also stated that the group had compromised its own employee accounts and taken software instructions regarding how Microsoft verifies user identities. 

Last month, the Nobelium targeted the government agencies, think tanks, consultants, and non-governmental organizations.

They carried out cyberattacks by breaking into an email marketing account called Constant Contact, used by the United States Agency For International Development (USAID). 

While organizations in the U.S. had the biggest share of attacks, other targeted victims came from at least 24 countries.  

The SolarWinds hack, which was identified in December 2020, gave hackers access to the thousands of companies and government offices that used SolarWinds' software.

"The latest cyberattack reported by Microsoft does not involve our company or our customers in any way," a spokesperson said to Benzinga.

Read also: Amazon Scoops Wickr Chat App Used By Government Agencies

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In:
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!