Hackers affiliated with the Russian government reportedly accessed e-mails from at least one private sector company and accessed information from Microsoft cloud customers through third parties, The Washington Post reported on Thursday, citing people familiar with the matter.
Newspaper sources said the hackers appear to have accessed the materials through an unidentified corporate partner of the technology giant.
“Our investigation of recent attacks found incidents involving abuse of credentials to gain access, which can come in many forms,” said Jeff Jones, senior director of communications at Microsoft, in a statement on Thursday. “We have not yet identified any vulnerabilities or compromises in the Microsoft product or cloud services.”
Numerous government agencies, as well as universities and a hospital have been compromised in recent weeks by what experts believe to have been Russian hackers. Just last week, Microsoft President Brad Smith said that none of the company’s customers appeared to have been affected.
Smith made the comments two days after Microsoft informed CrowdStrike, a cybersecurity company, that it detected a Microsoft Azure account used for CrowdStrike’s Microsoft licenses by making “abnormal calls to Microsoft cloud APIs,” according to a CrowdStrike blog post.
“CrowdStrike conducted a thorough analysis not only in our Azure environment, but in our entire infrastructure for indicators shared by Microsoft,” said the post. “The information shared by Microsoft reinforced our conclusion that CrowdStrike was not impacted.”
People familiar with the problems told the Post that the company itself was not hacked. Yet, “[i]If it is true that a cloud service provider’s customer data has been exfiltrated and is in the hands of a threat actor, this is a very serious situation, ”said John Reed Stark, former head of the Internet Surveillance Office at Securities and Exchange Commission, à Pós.
A Microsoft spokesman told The Hill that the abuse techniques observed were not specific to Amazon’s cloud services and that the company is keeping government officials informed of any new developments in the investigations.