IMF confirms some accounts were hacked following cyberattack

According to the press release, the IMF detected the breach in mid-February this year, after which it brought in independent cybersecurity experts to launch an in-depth investigation and determine the nature of the breach. The investigation determined that 11 IMF email accounts were compromised. 

Connections to Microsoft

“We have no indication of further compromise beyond these email accounts at this point in time,” the IMF said in the announcement. “The investigation into this incident is continuing.”

Following the discovery, the IMF took certain “remediation actions”, but did not elaborate what that exactly means. It said that the impacted accounts were re-secured.

“The IMF takes prevention of, and defense against, cyber incidents very seriously and, like all organizations, operates under the assumption that cyber incidents will unfortunately occur. The IMF has a robust cybersecurity program in place to respond quickly and effectively to such incidents,” it concluded in the press release.

In a short statement given to BleepingComputer, the IMF confirmed using Microsoft 365, but stressed that the incident “does not appear to be part of Microsoft targeting.”

Earlier this year, Microsoft announced it was being targeted by a Russian state-sponsored threat actor known as Midnight Blizzard. This group dwelled on Microsoft’s systems for a month, and stole roughly two dozen corporate emails.

A few days after the news broke, Hewlett Packard Enterprise (HPE) reported of Russian hackers also breaching some of its Microsoft Office 365 email accounts and stealing sensitive data found there.

More from TechRadar Pro

• Microsoft says it is still facing Russian cyberattacks — internal systems hit as computing giant comes under attack
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now