DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks

Three percent of email accounts were breached, the Department of Justice reports.

Dark Reading Staff, Dark Reading

January 7, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Some 3% of Microsoft 365 accounts at the US Department of Justice were breached by the attackers behind the SolarWinds attacks, the DoJ announced today.

The attacks, which the FBI, Cybersecurity & Infrastructure Security Agency (CISA), Office of the Director of National Intelligence (ODNI), and National Security Agency (NSA) yesterday confirmed were the handiwork of Russian nation-state hackers, affected less than 10 US government agencies via the breach of SolarWinds' Orion network management software.

"On Dec. 24, 2020, the Department of Justice’s Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others. This activity involved access to the Department’s Microsoft O365 email environment," said DoJ spokesman Marc Raimondi.

"After learning of the malicious activity, the OCIO eliminated the identified method by which the actor was accessing the O365 email environment," adding that classified systems do not appear to have been affected in the email breach.

Read more here

Read more about:

Black Hat News

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights