Another fall-out from the SolarWinds incident has surfaced prompting Microsoft to issue a notice to affected customers that an attacker gained access to one of its customer service agents to launch hacking attacks against some of its customers.
During its continued analysis of the SolarWinds incident, Microsoft recently identified that the Nation-State associated NOBELLIUM group was able to access a customer service agent that it could leverage to launch attacks against customers. Microsoft warned certain customers that NOBELLIUM was able to “review information regarding your Microsoft Services subscriptions.” It is being reported by Reuters that the information that may have been accessed by the threat actor included the Microsoft customers’ billing contact information and the services the customers were paying for. This specific information could be used by the attackers to launch targeted attacks against the customers.
Microsoft warned affected customers so they can be vigilant in communications with billing contacts and to have customer billing contacts change usernames and passwords.