Russian hackers accessed UK Home Office’s emails and data – report


Russian foreign intelligence service-affiliated cyber spies, tracked as Midnight Blizzard, compromised the British Government in January 2024, according to a report by The Record.

The breach stems from a larger cyber incident at Microsoft. On January 19th, the tech giant disclosed that Midnight Blizzard – also known as Nobelium, APT29, or Cozy Bear – attacked its systems and gained access to emails of its senior leadership and some customers. Midnight Blizzard is the same group behind the SolarWinds attack on the US government in 2020.

The hackers used a technique known as password spraying, a form of brute forcing in which default passwords are tried against multiple user accounts on a system.

However, what went unreported was that the breach also affected the UK Home Office. Hackers may have accessed corporate emails and data.

According to The Record, the Home Office reported the incident to Britain’s data protection regulator on May 2nd. The report said that the department's corporate systems were affected by a “nation-state attack on [a] supplier.”

The Information Commissioner's Office (ICO) confirmed that it was aware of the incident. Having assessed the provided information, the ICO decided not to take further action.

Following the publication, the Home Office spokesperson noted that “there is no evidence that Home Office systems were compromised.” Microsoft also added they had found no evidence that any customer-facing systems had been compromised as a result of the attack in January.

In April, the US Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to federal agencies to mitigate “the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System.”

CISA also warned that Russian hackers were escalating the email breach and urged organizations to apply stringent security measures.
