Microsoft tells Texas government agencies and universities that emails were leaked in a Russian hack

Microsoft reported that it had been hit by a cyber attack from a Russian hacking group in January 2024. It has now been revealed that Microsoft has reported to government agencies and public universities in Texas, USA, that some emails were leaked as a result of this attack.

Microsoft MSFT Tells Texas Agencies They Were Exposed in Russian Hack - Bloomberg
https://www.bloomberg.com/news/articles/2024-06-28/microsoft-tells-texas-agencies-they-were-exposed-in-russian-hack

Microsoft informs customers that Russian hackers spied on emails | Reuters
https://www.reuters.com/technology/cybersecurity/microsoft-tells-clients-russian-hackers-viewed-emails-bloomberg-news-reports-2024-06-27/

Microsoft reveals further emails compromised by Russian hack
https://www.engadget.com/microsoft-reveals-further-emails-compromised-by-russian-hack-130014275.html

On January 12, 2024, Microsoft's systems were subjected to a cyber attack by the Russian government-backed hacking group 'Midnight Blizzard (Cozy Bear / APT29 / NOBELIUM).' This resulted in the compromise of a 'small percentage' of email accounts belonging to members of Microsoft's senior leadership team and employees in cybersecurity, legal and other departments, resulting in the leakage of emails and attachments.

Microsoft announces that it has been hit by a cyber attack from the Russian government-backed hacking group 'Midnight Blizzard' - GIGAZINE

Microsoft later revealed that Midnight Blizzard used information gained from the hack to infiltrate the company's network and compromise its source code and internal systems.

It turns out that Russian government hacker 'Midnight Blizzard' had access to Microsoft's source code and internal systems - GIGAZINE

Then, in June 2024, foreign media Bloomberg reported that Microsoft had informed more than a dozen government agencies and public universities in Texas that emails with Microsoft had been leaked in a January hack. The emails were reportedly stolen from a Microsoft executive who was hacked, and according to a person familiar with the matter, the government agencies that received the notice included the Texas Department of Transportation, the Texas Workforce Commission, the Texas Department of Motor Vehicles, the Texas Department of Public Lands, and the Texas Securities Commission.

Steve Peer of the Texas Department of Information Resources confirmed that state agency emails had been exposed, but said the emails seen leaking so far were just routine government communications. 'I want to be very clear: the state of Texas itself was not compromised. Microsoft was compromised and part of that involved some of the state of Texas email,' Peer said.

According to Kimberly Hubbard, a spokesperson for the Texas Department of Public Lands, Microsoft contacted the agency on June 24th, saying that hackers had obtained 11 emails sent by the Bureau of Land Management to Microsoft. Hubbard commented, 'These emails did not contain any confidential or sensitive information or information that a threat actor could use to attack us. We have not observed any access to systems related to this Microsoft incident or any subsequent indications of attacks on our network.'