Microsoft confirmed it was breached on January 12, 2024, by hackers that gained access to Microsoft's corporate email accounts, leading to the theft of federal government email accounts.
While the hack was considered extremely bad at the time, and it still is, it appears the breach may be worse than initially anticipated as more Microsoft customers are receiving emails their email account has become compromised, meaning it wasn't just federal email account data stolen, but also customer data.
Microsoft blamed the attack on a Russian government-sponsored hacking organization called Midnight Blizzard, and according to the software giant, they are providing notifications to customers who were exposed to the hack through email correspondence with compromised Microsoft corporate email accounts.
The Midnight Blizzard hack and then another breach on April 2 by state actors from China resulted in Microsoft being deemed a threat to US national security and the US Cybersecurity and Infrastructure Security Agency (CISA), the cybersecurity arm of the US government, stating Microsoft poses a "grave and unacceptable risk to agencies."
"We are continuing notifications to customers who corresponded with Microsoft corporate email accounts that were exfiltrated by the Midnight Blizzard threat actor, and we are providing the customers the email correspondence that was accessed by this actor," a Microsoft spokesperson told Bloomberg. "This is increased detail for customers who have already been notified and also includes new notifications."
Microsoft sending more notifications to customers linked to the breach indicates more customer data was stolen than Microsoft has publicly admitted.