Microsoft: Law enforcement inquiry documents stolen in recent phishing attacks

Over the past few weeks, Microsoft has been the victim of attacks that have defaced the official blogs, Twitter accounts and Facebook pages of several of its properties. The group known as the Syrian Electronic Army has claimed responsibility for these events, the most recent of which hit the official Microsoft Office blogs earlier this week.

Microsoft admitted last week, "A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted." While the company has yet to state that the SEA is responsible, Microsoft has now offered more information on these attacks that may show the impact may be bigger than first thought.

In a post on the Trustworthy Computing blog, Microsoft stated:

While our investigation continues, we have learned that there was unauthorized access to certain employee email accounts, and information contained in those accounts could be disclosed. It appears that documents associated with law enforcement inquiries were stolen. If we find that customer information related to those requests has been compromised, we will take appropriate action. Out of regard for the privacy of our employees and customers – as well as the sensitivity of law enforcement inquiries – we will not comment on the validity of any stolen emails or documents.

In other words, it appears that the person or persons that were in charge of these attacks has gotten their hands on legal documents that are requesting Microsoft to turn over data. The blog concludes that the company is taking steps to "further strengthen our security" including  "ongoing employee education and guidance activities, additional reviews of technologies in place to manage social media properties, and process improvements based on the findings of our internal investigation."

Report a problem with article
Previous Story

Microsoft: Windows Phone activations doubled during 2013 holiday season

Next Story

New VLC Windows 8 screenshots show revamped UI

12 Comments

Commenting is disabled on this article.

I think it is difficult for anyone, a private person, small or large business to withstand a coordinated targeted attack by those *******s.

You would think people who work at a software company would be a bit better at not falling for these kinds of attacks. Unless they targeted the bussiness people, in which case I can see why (<< that was a joke)

Microsoft has many social accounts set up to help others, these Hackers/Phishers so chances are some poor soul got linked to malicious code that perhaps even exploited their browser or their PDF readers.. etc

So some poor tech support person tries to help, gets their main account details compromised and from there the hackers and their team get to work combing through and backing up any data they can

I have to think a few Exploits were involved in these hacks not just social phishing, but phishing can gain you a heck of a lot of useful info to get into other accounts over time

Ha the only fix is for anyone with access to these accounts/blogs etc Wipe their PCs and then change many of your account details, No good to change account details before you wipe your potentially compromised and monitored PC

dingl_ said,
Microsoft has many social accounts set up to help others, these Hackers/Phishers so chances are some poor soul got linked to malicious code that perhaps even exploited their browser or their PDF readers.. etc

My guess is the phishers merely linked to a spoofed version of Microsoft's corporate Outlook Web Access login page, and so took the user's credentials to email. From there access to attachments, and forgot-password access to a blog and Twitter are available. Nothing more complex required. I base this on SEA's statement they got access to email.

I predict SEA will be broken up in a significant way by Microsoft in a month. This attack touched a lot of points, and the chances are SEA didn't cover tracks at at least one point.

Edited by waded, Jan 25 2014, 3:40pm :

they don't collude with the NSA, they abide by the law.. which if you live in the US your great country made for secret court orders which not even the company involved can talk about OR refuse

Google abides, Apple, Microsoft any company in the United States of America is subject to any orders given by NSA, DHS so on& so forth

Yes, Microsoft is the only American company "colluding" with the NSA, whereas Apple, Google and the rest care for your privacy so much they are willing to challenge the government on your behalf and refuse official orders.

Dot Matrix said,
You can start by hiring competent social media employees.

Competency costs money. No one wants to pay for competency anymore...