We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies and your choices here. By continuing to use this site, you accept these cookies.

Hackers hit Microsoft customer service system, make off with data

The same hackers behind the SolarWinds attack were able to place information-stealing software on a customer service rep's computer, the company says.

James Martin/CNET

Microsoft said Friday that hackers breached a computer used by one of its customer service agents and stole account data they then used to launch "highly targeted" attacks on customers. The company identified the hacking group as Nobelium, the same one behind last year's major SolarWinds breach.

Microsoft has secured the computer, which the hackers infected with information-stealing software, and notified the "small number" of affected customers, it said in a Friday post on its Security Response Center site.

The company sent a warning to affected Microsoft Services subscribers, saying the hackers had access to information during the second half of May, Reuters reported late Friday. The pilfered data included billing contact information and what services the customers pay for, the news outlet said. Hackers can use such basic data in bogus emails and phone calls as part of phishing attacks that can help them gain access to more-sensitive information.

Microsoft warned the impacted customers to exercise caution regarding communications with billing contacts and suggested changing related passwords and usernames, Reuters reported. The company also urged customers to be sure to use multi-factor authentication to protect against hacks. Microsoft's investigation of the breach is ongoing, and it hasn't yet found that any customers were successfully compromised.

The tech giant said it discovered the breach while looking into new activity by the Nobelium group. It said just over half that activity was aimed at information-technology companies, followed by government agencies and then a small percentage of nongovernmental agencies, think tanks and financial services firms.

The SolarWinds hacking campaign made headlines in December 2020. It used tainted software from IT management company SolarWinds, along with other hacking methods, to breach thousands of organizations and tunnel deeper into at least nine federal agencies and 100 private companies, Microsoft among them.

Microsoft had no further comment on the customer service breach, apart from its blog post.

Read more: SolarWinds hackers: What you need to know