Microsoft detailed attempts by a Russian state-sponsored hacking group called Midnight Blizzard to breach its systems by using information stolen from its corporate emails systems in late November 2023, which it first disclosed in a SEC filing early this year.

In a blog and updated SEC filing, the tech giant stated it has seen evidence that Midnight Blizzard is “using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorised access,” which it noted included access to some of the company’s source code repositories and internal systems.

It stated Midnight Blizzards has ramped up the volume of some aspects of its attacks, such as “password sprays”, by as much as tenfold since the first attacks in February. It stated Midnight Blizzard, also known as NOBELIUM, could be using the information “to accumulate a picture of areas to attack and enhance its ability to do so”.

Microsoft stated it has “increased its security investments, cross-enterprise coordination and mobilisation, and have enhanced our ability to defend ourselves and secure and harden our environment against this advanced persistent threat”.

“We have and will continue to put in place additional enhanced security controls, detections, and monitoring”.

Microsoft explained there is no evidence to date that its hosted customer-facing systems have been compromised.