Due to the penetration of a Microsoft customer care agent’s PC, several of the company’s customer support capabilities were accessed by the hacking group Nobelium, which was also linked to the related SolarWinds attack.
According to Reuters, the agent had restricted access and could see information such as which services consumers utilized and their billing contact information.
The hackers, according to Microsoft, used the information obtained from the tools to launch “highly targeted” attacks against individual Microsoft customers.
According to Microsoft, the attack was part of a bigger Nobelium campaign aimed primarily against IT organizations and governments around the world.
Nobelium claims it has contacted consumers who were impacted by the hacking group’s use of the tools and that it no longer has access to the customer service agent’s device.
Today, Microsoft has talked a lot about security, especially in regard to Windows 11, as the firm seeks to make the case for mandating users to update to specified hardware. Incidents like this, in which a single compromised computer might give hackers a leg up on future attacks, exemplify Microsoft’s cat-and-mouse game with those attempting to penetrate its security.