Microsoft admits email hack as Syrian Electronic Army gloats

Pwned again or SEA bravado?

Microsoft has taken the unusual step of admitting that attackers - many suspect the Syrian Electronic Army (SEA) - have successfully breached its security and gained access to access to "law enforcement" documents held by some of its employees.

According to Friday's blog post, the recent targeted attack on the employees' social media and email accounts could lead to the pilfered information being made public.

"While our investigation continues, we have learned that there was unauthorized access to certain employee email accounts, and information contained in those accounts could be disclosed," it said.

"If we find that customer information related to those requests has been compromised, we will take appropriate action. Out of regard for the privacy of our employees and customers - as well as the sensitivity of law enforcement inquiries - we will not comment on the validity of any stolen emails or documents."

This type of attack was not uncommon, Microsoft said, weakly, by way of defence.

The attack has the hallmarks of the Syrian Electronic Army (SEA), which also happens to have claimed the attack as its handiwork. This can't be confirmed until the SEA releases some evidence of the stolen documents.

The SEA has successfully cut a swathe through the social media and email security of numerous high-profile mostly media organisations, including most recently CNN. The SEA also successfully hacked Microsoft's blog site and subsidiary Skype earliee this month.

The message should be is clear by now; contemporary email and password security is no barrier to a determined hacker that knows how to craft attacks to find its weaknesses.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags MicrosoftPersonal Tech

More about CNNMicrosoftSkype

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by John E Dunn

Latest Videos

More videos

Blog Posts