
DoJ Confirms Microsoft 365 Breach Related to the SolarWinds Attack

Attackers have breached the DoJ through Microsoft 365 accounts by using the Solorigate malware from the SolarWinds Orion vulnerability.


The Orion app attack using the Solorigate malware has been dubbed one of the most dangerous breaches of all time. Numerous victims have come forward following the -backed threat attack. Now, the US Department of Justice (DoJ) confirms it too was compromised through email servers.

In a statement this week, the DoJ says the attack left 3% of its mailboxes vulnerable. However, the department says it has no reason to believe any classified systems were breached during the hack.

Still, the attack was potent enough to be given a rating of “major incident” under the Federal Information Security Modernization Act. The DoJ says “The Department will continue to notify the appropriate federal agencies, Congress, and the public as warranted.”

It is worth noting that while the Solorigate malware can be implemented through Microsoft 365, it is not specifically Microsoft's problem. In fact, the company has been among the most active in trying to stop its spread.

Microsoft's Role

Microsoft took swift action when the vulnerability and exploit in the SolarWinds Orion app were found. Firstly, the company issued an update for Microsoft Defender to quarantine malicious binaries related to the Solorigate (SUNBURST) attack.

Russia-backed threat actors used the avsvmcloud.com website to host a server for the Solorigate malware. The infection was sent to 18,000 Orion customers. Many of those customers are major organizations and government departments.

Last month, Microsoft President Brad Smith said the attack creates “serious technological vulnerability for the United States and the world”.

Also in December, the Cybersecurity and Infrastructure Security Agency (CISA) debuted a PowerShell tool to help Microsoft 365 customers mitigate Solorigate. Microsoft had recently confirmed stolen Azure/Microsoft 365 credentials and access tokens were a part of the breach.


Luke Jones