Connect with us

Hi, what are you looking for?

How To

Hackers hit Microsoft customer service system, make off with data

Hackers hit Microsoft customer service system, make off with data

Privacy and security on the internet

James Martin/CNET

Microsoft said Friday that hackers breached a computer used by one of its customer service agents and stole account data they then used to launch “highly-targeted” attacks on customers. The company identified the hacking group as Nobelium, the same one behind last year’s major SolarWinds breach.

Microsoft has secured the computer, which the hackers infected with information-stealing software, and notified the “small number” of affected customers, it said in a Friday post on its Security Response Center site.

The company sent a warning to affected Microsoft Services subscribers saying the hackers had access to information during the second half of May, Reuters reported late Friday. The pilfered data included billing contact information and what services the customers pay for, the news outlet said. Hackers can use such basic data in bogus emails and phone calls as part of phishing attacks that can help them gain access to more-sensitive information.

Microsoft warned the impacted customers to exercise caution regarding communications with billing contacts and suggested that changing related passwords and usernames might be a good idea, Reuters reported. The company also urged customers to be sure to use multi-factor authentication to protect against hacks. Microsoft’s investigation of the breach is ongoing, and it hasn’t yet found that any customers were successfully compromised.

The tech giant said it discovered the breach while looking into new activity by the Nobelium group. It said just over half that activity was aimed at information-technology companies, followed by government agencies and then a small percentage of nongovernmental agencies, think tanks and financial services firms.

The SolarWinds hacking campaign made headlines in December 2020. It used tainted software from IT management company SolarWinds, along with other hacking methods, to breach thousands of organizations and tunnel deeper into at least nine federal agencies and 100 private companies, Microsoft among them.

Microsoft had no further comment on the customer service breach, apart from its blog post.

Read more: SolarWinds hackers: What you need to know

Click to comment

Leave a Reply

Your email address will not be published.

You May Also Like


Cybercriminals Adopt the Blockchain to Broadcast confidential Messages A group of analysts from SophosLabs represents that programmers working the crypto-jacking malware, Glupteba, have been...


PUBG unban in India soon as PUBG Corp. Will The Government Of India Unban PUBG? PUBG Mobile was Ban in India, PUBG organization has...


A standard method to execute Bitcoin could be powerless against double-spending, the new examination has found. Blockchain sleuths at ZenGo, a wallet startup, have...

BlockChain News

HDD mining, also known as “storage mining”, is a process of obtaining cryptocurrency based on hard disk memory. Compared with traditional POW mining, hard...