The recent breach into Microsoft’s network and its top executives’ email by hackers, traced back to Russia-state group Midnight Blizzard, was facilitated through an outdated test account with administrative privileges. The hackers employed a technique called “password spraying” to exploit a weak credential and infiltrate the unprotected account. They compounded this access by creating a malicious app, granting it rights to every email on Microsoft’s Office 365 service.

News – Kansas healthcare provider Sunflower Medical Group reports major data breach – TEISS
Kansas-based healthcare provider, Sunflower Medical Group, has reported a major data breach.