قالب وردپرس درنا توس
Home / Business / Hackers access Microsoft cloud customer information through a third party: report

Hackers access Microsoft cloud customer information through a third party: report



According to the “Washington Post” on Thursday, citing people familiar with the matter, it is reported that hackers with ties to the Russian government have obtained information from at least one private company’s e-mail and accessed Microsoft cloud customer information through a third party.

Sources in the newspaper said that hackers appeared to have accessed the information through an unidentified corporate partner of the tech giant.

Jeff Jones, senior director of communications at Microsoft, said in a statement: “Our investigation of recent attacks has uncovered incidents involving the abuse of credentials to gain access. This incident can take many forms.”

; “We still No vulnerabilities or hazards in Microsoft products or cloud services were found.”

In recent weeks, experts believe that Russian hackers have invaded many government agencies, universities and hospitals. Just last week, Microsoft President Brad Smith said that none of the company’s customers appear to be affected.

According to the CrowdStrike blog post, Smith made a comment two days after Microsoft notified the network security company CrowdStrike, saying that it had detected that the Microsoft Azure account used for CrowdStrike was “unusually calling the Microsoft cloud API.”

The article said: “CrowdStrike not only conducted a thorough review of our Azure environment, but also conducted a comprehensive assessment of all the infrastructure shared by Microsoft.” “The information shared by Microsoft confirmed our conclusion that CrowdStrike was not affected.”

People familiar with the matter told The Post that the company itself has not been hacked. but,[i]If the data of the cloud service provider’s customer has indeed been leaked, and the data is already in the hands of a threat actor, that is a very serious situation,” said John Reid Stark, former head of the Internet Enforcement Office of the Securities and Exchange Commission (John Reed Stark) told reporters to release.

A Microsoft spokesperson told Hill that the observed abuse of technology is not specific to Amazon Cloud Services, and that the company is keeping the government’s attention on any new developments in the investigation.




Source link