Quick Hits

DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks

Three percent of email accounts were breached, the Department of Justice reports.

Some 3% of Microsoft 365 accounts at the US Department of Justice were breached by the attackers behind the SolarWinds attacks, the DoJ announced today.

The attacks, which the FBI, Cybersecurity & Infrastructure Security Agency (CISA), Office of the Director of National Intelligence (ODNI), and National Security Agency (NSA) yesterday confirmed were the handiwork of Russian nation-state hackers, affected less than 10 US government agencies via the breach of SolarWinds' Orion network management software.

Related Content:

Microsoft Source Code Exposed: What We Know & What It Means

How Data Breaches Affect the Enterprise

New From The Edge: Security Pros Reflect on 2020

"On Dec. 24, 2020, the Department of Justice’s Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others. This activity involved access to the Department’s Microsoft O365 email environment," said DoJ spokesman Marc Raimondi.

"After learning of the malicious activity, the OCIO eliminated the identified method by which the actor was accessing the O365 email environment," adding that classified systems do not appear to have been affected in the email breach.

Read more here

Editors' Choice
Jai Vijayan, Contributing Writer, Dark Reading
Chris Jacob, VP, Threat Intelligence Engineering at ThreatQuotient
Robert Lemos, Contributing Writer, Dark Reading