Microsoft said Friday that hackers linked to the Iranian government targeted a US presidential campaign, as well as government officials, media targets, and prominent expatriate Iranians. Overall, the hackers attempted to penetrate 241 accounts—four successfully—though none of those penetrated was associated with presidential campaigns or current or past US officials, Microsoft said. A company spokeswoman declined to identify those targeted, citing customer privacy, per the AP. The announcement is the latest sign that foreign governments are looking for ways to potentially disrupt the 2020 presidential election. US intelligence officials have sounded the alarm about the risks for months.
In a blog post Friday, Microsoft's Tom Burt, corporate vice president for customer security and trust, said the owners of the four accounts that were compromised by the hackers have been notified. The attacks by a group Microsoft calls Phosphorous occurred during a 30-day period between August and September. Burt said the Iranian hackers used password reset and account recovery features to try to take over accounts. For example, they gathered phone numbers belonging to targets to help with a password reset. The hackers researched their targets, making more than 2,700 attempts to identify emails belonging to a specific Microsoft customer. A spokeswoman declined to provide more details.
(More
Iran stories.)