Microsoft’s Midnight Blizzard source code breach also impacted federal agencies
Illustration by Amelia Holowaty Krales / The Verge
In March, Microsoft notified the US Department of Veterans Affairs that it was impacted by the security breach that enabled the Russian hacking group known as “Midnight Blizzard” to steal some of the company’s source code, reports Bloomberg. Already assigned blame for the earlier SolarWinds attack, the group has been accused of spying on email accounts of Microsoft’s senior leadership team and attempting to use the secrets obtained there to create additional security breaches.
The VA department found that Midnight Blizzard used a single set of stolen credentials to access a Microsoft Cloud test environment around January. VA officials told Bloomberg that the account was accessed for just one second, presumably to see if the credentials…