Excerpt from TechReport Article, Published on Feb 19, 2024

In a historic cyberattack, Microsoft Azure, the cloud computing service, has fallen victim to its largest data breach ever, compromising hundreds of executive accounts and resulting in a significant user data leak.

According to reports from cybersecurity firm Proofpoint, the attack utilized malicious techniques first identified in November 2023, involving credential theft through phishing methods and cloud account takeover (CTO). Hackers exploited these methods to gain unauthorized access to Microsoft 365 applications and Office Home. The attack’s sophistication lay in its deployment of malicious links embedded within documents, disguised with innocuous anchor text such as “View Document,” leading unsuspecting users to phishing websites.

The compromised accounts, primarily belonging to mid-level and senior executives including financial directors, operations vice presidents, and CEOs, were targeted for financial fraud and data theft. The attackers may have tampered with multi-factor authentication systems to prolong unauthorized access. The attack points to a group believed to originate from Russia and Nigeria, inferred from their use of local fixed-line ISPs. However, further details regarding the perpetrators remain undisclosed.

According to Amit Yoran, CEO of the cybersecurity company Tenable, who criticized the company’s track record and called it “even worse than you think,” this breach highlights long-standing concerns about Microsoft’s cybersecurity practices.Yoran’s criticism extends to Microsoft’s alleged negligence in addressing security vulnerabilities promptly. He cited instances where security flaws led to breaches impacting organizations and individuals, with implications extending to national security, such as the theft of sensitive emails from US government officials.

Senator Ron Wyden (D-OR) has urged the US Department of Justice to hold Microsoft accountable for the breaches, emphasizing the need for improved transparency and timely disclosure of security incidents. Yoran’s claims of delayed response from Microsoft further underscore the urgency for stringent security protocols within tech companies. Amid escalating concerns over cybersecurity, calls for greater accountability and transparency in handling security breaches are mounting. It is anticipated that regulatory measures mandating prompt disclosure of breaches will be implemented to safeguard user data and national security interests.

To delve deeper into this topic, please read the full article in the TechReport.