Microsoft admits employee accounts compromised, documents stolen

Syrian Electronic Army to blame again

TODO alt text

The woe continues for Microsoft as the software giant reveals that during recent cyberattacks on its sites employee accounts were compromised and law enforcement data was stolen.

The company has been under sustained attack from the hacktivist group the 'Syrian Electronic Army' (SEA) in recent weeks. The group took over twitter accounts and blogs, continually taunting Microsoft with the fact that its employees had been hacked and the accounts compromised. The SEA even posted screenshots of employee emails on twitter to prove its claims.

While the group has not been mentioned in the blog post concerning the attacks, it is more than likely that they are the cause of the breach.

Microsoft exposed

What's more, in the statement on Friday, Microsoft disclosed that data and documents associated with law enforcement inquiries were stolen during the hack. The company has said, however, that it will not disclose the validity of these documents due to "the privacy of our employees and customers – as well as the sensitivity of the inquiries".

The SEA, in a conversation with another user on Twitter, claimed that the documents they had stolen were "not just law enforcement inquiries" and that the group intends to publish the documents onto an as-yet unnamed "media site".

Microsoft has reiterated its focus on improving security, citing ongoing employee education, reviews of technology and process improvement as the steps it is undertaking to stop more breaches from occurring. It seems likely, though, that the SEA is not done with Microsoft just yet.