Skip to main content

Microsoft comes clean: The Syrian Electronic Army also hijacked company email accounts

After days of pressure, Microsoft has admitted that an attack on its Twitter accounts and one official blog also compromised some of its internal emails.

The attack was carried out by the pro-Assad Syrian Electronic Army (SEA), who have made headlines over the past year with hacks of several high profile sites.

The SEA posted several screen captures of emails purporting to be from Steve Clayton, the man in charge of the Twitter accounts and blog. While at first it wasn't clear whether the emails were genuine, Microsoft have now confirmed that they are.

The Redmond-based company released the following statement to the press:

"A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted. These accounts were reset and no customer information was compromised."

Microsoft added, "We continue to take a number of actions to protect our employees and accounts against this industry-wide issue."

According to one of the emails, the link-shortening service was the suspected vector of the SEA attack, although this has not been confirmed.

One thing that does seem to have been a factor is weak password selection.

"A Microsoft employee wanted to make his password more stronger, so he changed it from 'Microsoft2' to 'Microsoft3' #happened," the SEA scoffed in a recent tweet.

The SEA has so far published the emails of three employees of the software giant, but it's unclear whether further accounts have been compromised.

On Wednesday, the SEA warned Microsoft to "stay tuned for more," although whether this refers to possible further attacks, or simply further release of compromised data is hard to say.

The Syrian Electronic Army rose to notoriety after hacking the White House, a Twitter feed belonging to President Barrack Obama, and more recently Skype, which was hacked at the start of January.