SAN FRANCISCO – Microsoft announced on Friday that an attacker gained access to one of its customer-service agents and then used the information obtained to launch cyber attacks against consumers. The company claimed it discovered the breach while responding to hacks by a group it blames for previous significant breaches at SolarWinds and Microsoft.
Microsoft stated that the impacted consumers had been notified. According to a copy of one warning reviewed by Reuters, the attacker was a member of the group Microsoft refers to as Nobelium, and it had access to the system in the second half of May. “A sophisticated Nation-State connected actor that Microsoft refers to as NOBELLIUM,” it said. I used Microsoft customer support resources to look over information on my Microsoft Services subscription.
When Reuters inquired about the alert, Microsoft responded by publicly announcing the breach.
Microsoft claimed it discovered a breach of its own agent, who it said had limited privileges, after commenting on a larger phishing attempt that it said had affected a small number of businesses.
Among other things, the representative could access billing contact information and the services that consumers pay for.
Microsoft advised concerned consumers to be cautious when communicating with their billing contacts, to consider changing their usernames and email addresses, and to prevent users from logging in with outdated usernames.
Microsoft said that three businesses had been hacked as a result of the phishing attempt.
It did not immediately say whether any of those whose data was viewed through the system were among those who were harmed.
According to the Department of Homeland Security, the attackers took advantage of flaws in the way Microsoft programs were configured at SolarWinds customers and others.
Microsoft eventually revealed that the hackers had broken into its own employee accounts and taken software instructions that regulate how the company verifies user identities.