The US Cybersecurity and Infrastructure Security Agency (CISA) warns that Russian spies who gained access to Microsoft’s email system were able to steal sensitive data, including authentication details and that immediate remedial action is required by affected agencies. In an Emergency Directive dated April 2 but only just disclosed, CISA warned that state-sponsored operatives had managed to exfiltrate email correspondence between Federal Civilian Executive Branch (FCEB) agencies and Microsoft itself following the breach of Redmond’s internal systems reported last month.

Source: The Register