2021 Microsoft Exchange Server data breach

A global wave of cyberattacks and data breaches began in January 2021 after four zero-day exploits were discovered in Microsoft Exchange Servers, giving attackers full access to user emails and passwords on affected servers.

In March 2021, it was estimated that 250,000 servers fell victim to the attacks, including servers belonging to around 30,000 organizations in the United States, 7,000 servers in the United Kingdom,^[1] as well as the European Banking Authority, the Norwegian Parliament, and Chile's Commission for the Financial Market (CMF).^{[2][3][4][5][6][7]}

References

1. "Microsoft hack: 3,000 UK email servers remain unsecured". BBC News. 12 March 2021. Archived from the original on 15 March 2021. Retrieved 12 March 2021.
2. Murphy, Hannah (9 March 2021). "Microsoft hack escalates as criminal groups rush to exploit flaws". Financial Times. Archived from the original on 16 March 2021. Retrieved 10 March 2021.
3. O'Donnell, John (8 March 2021). "European banking regulator EBA targeted in Microsoft hacking". Reuters. Archived from the original on 11 March 2021. Retrieved 10 March 2021.
4. Duffy, Clare (10 March 2021). "Here's what we know so far about the massive Microsoft Exchange hack". CNN. Archived from the original on 16 March 2021. Retrieved 10 March 2021.
5. "Chile's bank regulator shares IOCs after Microsoft Exchange hack". BleepingComputer. Archived from the original on 2021-07-23. Retrieved 2021-03-17.
6. "Comisión para el Mercado Financiero sufrió vulneración de ciberseguridad: no se conoce su alcance". BioBioChile - La Red de Prensa Más Grande de Chile (in Spanish). 2021-03-14. Archived from the original on 2021-07-22. Retrieved 2021-03-17.
7. V, Vicente Vera. "CMF desestima "hasta ahora" el secuestro de datos tras sufrir ciberataque". Diario Financiero (in Spanish). Archived from the original on 2021-03-15. Retrieved 2021-03-17.