A Microsoft confirmed that a group of Russian hackers, known as Midnight blizzard, and who attacked the company's servers in January, also had access to the company's source code repositories and internal systems.
According to Microsoft's investigation, the attack will not have affected Microsoft customer systems, which use Microsoft's platforms. The attack will have been focused only on the entity's own systems. The company also emphasizes that it will continue to investigate the attack, to find out more details.
Microsoft also warns that, using the data that the attackers obtained, this group is now using the information to try to gain access to other company platforms, as well as individual accounts.
Since February, the number of attacks against Microsoft services has increased more than tenfold, in part because the group has also intensified brute force attacks against accounts associated with the company.
Microsoft claims that the attackers used an old account, without two-step authentication, to gain access to the company's systems. The group will also have accessed the email accounts of company employees and executives, which may include communication between some of its customers.
Finally, the company guarantees that it will continue to work to ensure the security of its systems, while also analyzing the attack to obtain more information, sharing it as necessary.
