Wiz: Microsoft Cyberattack Posed Greater Risk to More Users
Millions of Microsoft applications were potentially vulnerable.
A recent Microsoft cyberattack that gave nation-state actors access to email accounts of high-ranking officials could be bigger and more dangerous than anticipated.
That’s according to researchers at Wiz, a cloud security provider.
Earlier this month, Microsoft reported a threat actor attributed to China, Storm-0558, gained access to email accounts in approximately 25 organizations. The affected organizations were primarily government agencies, but also included individuals who were likely consumers associated with those agencies. The perpetrators gained access to Outlook Web Access in Exchange Online (OWA) and Outlook.com.
The threat actor acquired a private encryption key and used it to forge access tokens for OWA and Outlook.com. Additionally, the threat actor reportedly exploited two security issues in Microsoft’s token verification process.