DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds AttacksDoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks

Some 3% of Microsoft 365 accounts at the US Department of Justice were breached by the attackers behind the SolarWinds attacks, the DoJ announced today.

The attacks, which the FBI, Cybersecurity & Infrastructure Security Agency (CISA), Office of the Director of National Intelligence (ODNI), and National Security Agency (NSA) yesterday confirmed were the handiwork of Russian nation-state hackers, affected less than 10 US government agencies via the breach of SolarWinds' Orion network management software.

"On Dec. 24, 2020, the Department of Justice’s Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others. This activity involved access to the Department’s Microsoft O365 email environment," said DoJ spokesman Marc Raimondi.

"After learning of the malicious activity, the OCIO eliminated the identified method by which the actor was accessing the O365 email environment," adding that classified systems do not appear to have been affected in the email breach.

Read more here.