SolarWinds attackers had access to US prosecutors' email

The attackers behind the SolarWinds attack had access to email accounts of nearly 30 US state prosecutors for months, the US Department of Justice has announced . Attackers managed to gain access to the Microsoft Office 365 e-mail environment at these organizations and compromise the e-mail accounts of one or more employees.

Earlier this year , the ministry already reported that it had also become a victim of the SolarWinds attack and that the Office 365 mail environment had been compromised. Preliminary investigations revealed that the Justice Department attackers had compromised about three percent of Office 365 mailboxes. In an update on the incident, the ministry said that a total of 27 public prosecutors from several states were victims of the attackers.

From May 7 to December 27, 2020, they had access to the e-mail accounts of employees of the public prosecutors in question. It is assumed that there was full access to all emails and attachments. The number of affected email accounts varies by state, but in the case of New York State, the attackers managed to compromise at least 80 percent of all email accounts.

Earlier , the Cybersecurity and Infrastructure Security Agency (CISA) of the US Department of Homeland Security warned that attackers had used a backdoor in the SolarWinds software to compromise US government networks and penetrate Microsoft 365 environments from there.

Previous Post Next Post