The hackers “tailored their password spray attacks to a limited number of accounts, using a low number of attempts to evade detection and avoid account blocks based on the volume of failures,” according to a Microsoft blog post published late Thursday.
Cybersecurity experts had previously told Bloomberg News they believed the compromised account wasn’t using multifactor authentication, a basic security measure. That’s because it was hacked using a “password spray” technique that typically ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.