- Russian hackers breached Synnex, a third-party IT contractor that works with Microsoft accounts, last week.
- The attack took place around the same time a major ransomware attack was executed by a Russian-linked criminal group.
- Bloomberg News reported the hackers belonged to a group known as APT 29 or Cozy Bear.
- See more stories on Insider’s business page.
Russian government hackers breached Synnex, a third-party IT contractor that works with Microsoft last week, around the same time a major ransomware attack was tied to a Russian-linked criminal group.
Bloomberg News reported that hackers breached the Republican National Committee’s computer systems, but an RNC spokesperson denied that allegation to Insider, saying the group’s team worked with Microsoft to immediately confirm that no RNC data was accessed in the Synnex breach.
Two people familiar with the incident told the outlet that the hackers are part of a group known as APT 29 or Cozy Bear, which has been linked to Russia’s foreign intelligence service. The hackers were previously accused of breaching the Democratic National Convention in 2016 and infiltrating nine US government agencies during a supply-chair cyberattack that was disclosed in December, Bloomberg reported.
The breach comes less than a month after President Joe Biden warned Russian President Vladimir Putin about cyberattacks at a June 16 summit.
A representative for the Russian Embassy in Washington, DC, did not immediately respond to Insider’s request for comment.
RNC Chief of Staff Richard Walters confirmed to Insider that no RNC data was accessed in the breach.
“Over the weekend, we were informed that Synnex, a third party provider, had been breached. We immediately blocked all access from Synnex accounts to our cloud environment,” Walters said. “Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on this matter.”
The IT corporation, Synnex, said it was aware of a “few instances where outside actors have attempted to gain access, through Synnex, to customer applications within the Microsoft cloud environment,” in a press release.
A representative for Synnex did not immediately respond to Insider’s request for comment.
Michael Urban, president of worldwide technology solutions distribution at Synnex told Bloomberg the company was unable to provide specifics while it conducts a full review.
It was unclear if the Synnex breach was in any way tied to the
attacks that took place around the same time, which targeted 200 American businesses using vulnerabilities in Kaseya, a Miami-based IT firm.
Cybersecurity experts have tied the massive attack to Russian-based criminal ransomware-as-a-service organization, REvil, which most recently attacked meat supplier JBS.