Nobelium Hackers Accessed Microsoft Customer Support Tools
Nobelium is Microsoft’s name for a state-sponsored hacking group believed to be operating out of Russia responsible for the SolarWinds supply-chain attacks.
Microsoft said it had warned the affected customers.
“A sophisticated Nation-State associated actor that Microsoft identifies as NOBELLIUM accessed Microsoft customer support tools to review information regarding your Microsoft Services subscriptions,” read the Microsoft email obtained by Reuters.
The agent could see billing contact information and what services the customers pay for, among other things. “The actor used this information in some cases to launch highly-targeted attacks as part of their broader campaign,” Microsoft said.
Microsoft warned affected customers to be careful about communications to their billing contacts and consider changing those usernames and email addresses, as well as barring old usernames from logging in.