Microsoft claims its own customer support tools have been compromised by SolarWinds hackers
Microsoft says some of its customer support tools have been viewed by the Nobelium hacking group, which was also linked to the separate SolarWinds attack, due to the compromise of a Microsoft customer service agent’s computer. Microsoft Recount Reuters that the agent had limited access and could see things like the services used by customers and their billing details. According to Microsoft, the hackers used the information gleaned from the tools to launch “highly targeted” attacks against specific Microsoft customers.
The attack, according to Microsoft, was part of a larger Nobelium campaign focused largely on IT companies and governments around the world. The company says it contacted customers who were affected by the hacking group’s use of the tools and Nobelium no longer has access to the customer support agent’s device.
Microsoft has talked a lot about security today, especially when it comes to its upcoming Windows 11, as the company tries to argue that users need to have specific hardware to upgrade. Incidents like these, where a compromised computer could give hackers a leg up on future attacks, exemplify the cat-and-mouse game Microsoft is playing with those seeking to breach its security.
Updated June 26 at 12:47 p.m. ET: Specifies that the incident was distinct from the SolarWinds attack