Russian hackers were able to steal US government emails after attacking Microsoft
CISA issues emergency directive as emails compromised
Russian hackers have taken advantage of a cyber attack on Microsoft to steal emails from the accounts of officials working in several US federal agencies.
The US Cybersecurity and Infrastructure Security Agency (CISA) revealed in a statement that the breach is a result of the threat actor tracked by Microsoft as ‘Midnight Blizzard’ and known more widely as APT29, which has strong links to the Russian Foreign Intelligence Service.
CISA said that the hackers gained access “through a successful compromise of Microsoft corporate email accounts.”
Perfect espionage opportunity
“Midnight Blizzard’s successful compromise of Microsoft corporate email accounts and the exfiltration of correspondence between agencies and Microsoft presents a grave and unacceptable risk to agencies,” CISA said in the statement, but did not disclose the agencies affected or the breadth of the damage.
An emergency directive was issued by the agency stating that email accounts belonging to civilian government agencies needed to be secured as a result of the attack on Microsoft, upon which many government agencies rely for email communications.
Microsoft first revealed that it was under attack in January 2024, stating that Russian hackers had managed to gain access to corporate email accounts in the cybersecurity and legal departments. The tech giant later confirmed that the breach was not confined, and that corporate accounts belonging to organizations outside of Microsoft were also affected.
Since then, Microsoft has been working to remove all access from the Midnight Blizzard group in what the company has described as an “ongoing attack,” stating that the threat actors “may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so.”
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.