Microsoft reporting data breach belonging to 2020 U.S. Presidential campaigns

Brauntek Cyber Security News and Alerts

A campaign believed to be tied to the Iranian government attempted to identify, attack and breach email addresses belonging to U.S. presidential campaigns, government officials and journalists, according to new data unveiled by Microsoft, highlighting the continued global security threats that loom over the fast-approaching 2020 election.

The campaign observed by Microsoft, which it dubbed Phosphorus, made more than 2,700 attempts to identify email addresses that belonged to the company’s customers over a 30-day period between August and September, 241 of which were then attacked. Four were compromised, but they do not belong to presidential campaigns or government officials, according to the tech giant.

Microsoft said it notified the customers attacked and has worked with those whose accounts were compromised to secure them. It declined to disclose the names of the account holders.

According to Microsoft, Phosphorous hackers tried to figure out how to reset passwords or otherwise trigger account recovery features to take over accounts.

In some instances, Microsoft found that the group gathered phone numbers belonging to its targets to try to authenticate password resets.



Washington Post


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.