Massive Global Hack Breaches Microsoft Business Accounts

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

The European Banking Authority became one of the latest victims as it said Sunday that access to personal data through emails held on the Microsoft server may have been compromised. Others identified so far include banks and electricity providers, as well as senior citizen homes and an ice cream company, according to Huntress, a Ellicott City, Maryland-based firm that monitors the security of customers, in a blog post Friday.One U.S. cybersecurity company which asked not to be named said its experts alone were working with at least 50 victims, trying to quickly determine what data the hackers may have taken while also trying to eject them.The rapidly escalating attack drew the concern of U.S. national security officials, in part because the hackers were able to hit so many victims so quickly. Researchers say in the final phases of the attack, the hackers appeared to have automated the process, scooping up tens of thousands of new victims around the world in a matter of days.“We are undertaking a whole of government response to assess and address the impact,” a White House official wrote in an email on Saturday. “This is an active threat still developing and we urge network operators to take it very seriously.”

Microsoft Server Flaws Raise Alarms at White House, DHS The Chinese hacking group, which Microsoft calls Hafnium, appears to have been breaking into private and government computer networks through the company’s popular Exchange email software for a number of months, initially targeting only a small number of victims, according to Steven Adair, head of the northern Virginia-based Volexity. The cybersecurity company helped Microsoft identify the flaws being used by the hackers for which the software giant issued a fix on Tuesday.

The result is a second cybersecurity crisis coming just months after suspected Russian hackers breached nine federal agencies and at least 100 companies through tampered updates from IT management software maker SolarWinds LLC. Cybersecurity experts that defend the world’s computer systems expressed a growing sense of frustration and exhaustion.

“The good guys are getting tired,” said Charles Carmakal, a senior vice president at FireEye…

Source…