We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Russian Hackers Breach Microsoft Leadership Emails

Russian Hackers Breach Microsoft Leadership Emails
Author Image Keira Waddell
Keira Waddell Published on 26th January 2024 Senior Writer

Microsoft has disclosed that a Russian hacking group, identified under the aliases Midnight Blizzard, APT29, Cozy Bear, and Nobelium, infiltrated the email accounts of several of the company’s senior leaders. The attack was first detected on January 12, 2024. It marks another significant breach by the hacking group, which is known for its sophisticated cyber tactics and state-sponsored origins.

Midnight Blizzard, which garnered notoriety for its involvement in the SolarWinds breach, managed to access a “very small percentage” of employee email accounts, according to Microsoft’s statement. The breach included accounts belonging to members of Microsoft’s senior leadership team and employees in key departments like cybersecurity and legal.

The hackers employed a “password spray attack” — a method that involves trying common passwords across numerous accounts — to initially breach a legacy account. From there, they gained access to other high-profile email accounts. While the exact number of compromised accounts remains undisclosed, Microsoft emphasized that the intrusion was not the result of any vulnerabilities in their products or services.

Microsoft has indicated that the group initially focused on targeting email accounts to gather information related to themselves, in what was seemingly an effort to learn what Microsoft knew about the group. However, the extent of other emails and documents that may have been compromised during this breach remains unclear. This tactic mirrors their strategy during the SolarWinds breach, where they aimed to understand the US government's response to their intrusions.

Despite the breach, Microsoft assured that there was no immediate evidence of the hackers gaining access to customer environments, production systems, source code, or AI systems. The company is in the process of notifying affected employees and is collaborating with law enforcement and regulatory bodies to assess the full impact.

Microsoft has also acknowledged the urgent need to accelerate its security enhancements. The company, which has been the target of multiple high-profile hacking efforts and cybersecurity incidents in recent years, is undergoing a significant overhaul of its security approach. This change is deemed necessary to confront the growing challenges posed by well-resourced nation-state threat actors like Midnight Blizzard.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.