Russian Hackers Infiltrate VA Through Microsoft Account

Russian Hackers Infiltrate VA Through Microsoft Account
Photo via

This article by Zamone Perez originally appeared on Military Times, the nation's largest independent newsroom dedicated to covering the military and veteran community.


A Microsoft-based Veterans Affairs account was accessed in January by Russian hackers, but no personal information or other data was compromised, an agency official confirmed.


The Russian state-sponsored hacker infiltrated a Microsoft platform called Microsoft Azure Government, which provides storage, databases and other services to the VA and other government agencies.


VA press secretary Terrence Hayes told Military Times in an email that the server was breached “for just one second, presumably to see if the credentials worked” by a group called Midnight Blizzard, or Nobelium, which has ties to the Russian government, according to Microsoft.


[JULY 17 MOAA WEBINAR: Protecting Yourself, and Your Family, From Cybercrime]


“After investigating the matter, we determined that no patient data was compromised,” Hayes told Military Times. “VA found that Midnight Blizzard used a single set of stolen credentials to access a Microsoft Cloud test environment around January. ... We are continuing to look into this matter with Microsoft to ensure that all veteran patient data remains protected and that we are not compromised in the future.”


Stars and Stripes previously reported the hack.


Microsoft said the attack originally targeted corporate email accounts within the company, including the company’s senior leadership, in an effort to find information related to the group Midnight Blizzard itself. The hacker used a spray attack, which involves using a variety of predictable, simple passwords to try and gain access to an account, according to Microsoft.


“The attack was not the result of a vulnerability in Microsoft products or services,” Microsoft officials said in a January statement. “To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code or AI systems.”


Hayes told Stars and Stripes that the attack was unrelated to a Feb. 21 hack, which involved a private vendor, Change Healthcare, responsible for processing health care payments.


[RELATED: Survivor Scams: 4 Ways to Keep Your Benefits Safe]


That attack included an expansive breach of the U.S. health care system, possibly including the VA. Fifteen million veterans were notified that their private health care information could have been compromised, Veterans Affairs Secretary Denis McDonough said in April.


The cybersecurity attack also included the Peace Corps and the U.S. Agency for Global Media, an independent news group of the federal government that produces Voice of America, Radio Free Europe and Free Asia, according to Stars and Stripes.


Other articles by Military Times:


Marines, Air Force on track for 2024 recruiting; Navy projected to miss


Sailor searched for Biden’s electronic health records, Navy says


ASVAB tutor scams target military prospects, Air Force recruiters say


Get Help Navigating VA Benefits

Questions about VA benefits? Start here. PREMIUM and LIFE Members have direct access to our webinar archive with to-the-point information on everything from claims and appeals to concurrent receipt to home loans and more.

View the Archive Join MOAA