Syrian Electronic Army hits Microsoft…again

It’s a bad month to be one of Microsoft’s social media properties.

The Syrian Electronic Army managed to take over the company’s @MSFTnews and @Xbox Twitter handles, as well as the Official Microsoft Blog for a short time today. The attack comes a week and a half after the group hit Skype’s social media properties on New Year’s Day. Like last week’s attack, the group of hackers loyal to Syrian President Bashar al-Assad took the opportunity to claim responsibility, as well as repeat their claim that Microsoft is selling user data from its email services to the U.S. Government.

At the time of the Skype attack, Microsoft said that there was no sign that any user data was at risk, and the company doesn’t seem to think this attack is any different.

“Microsoft is aware of targeted cyberattacks that temporarily affected the Xbox Support and Microsoft News Twitter accounts. The accounts were quickly reset and we can confirm that no customer information was compromised,” a Microsoft spokesperson said in a statement emailed to GeekWire.

Still, this attack brings a new, potentially troubling wrinkle: SEA is publishing what it claims to be internal emails between Microsoft employees discussing the breach. Microsoft hasn’t confirmed the veracity of any of the emails the SEA has published, but if they are accurate, that could point to the hackers having deeper access into the company’s systems than was previously known.

UPDATE (Jan. 12, 11:10 a.m.): Microsoft provided the following statement about the attack on the Official Microsoft Blog to GeekWire via email:

Microsoft is aware of a targeted cyberattack that temporarily affected the Official Microsoft Blog. The account was quickly reset and we can confirm that no customer information was compromised.

Following the targeted cyberattack that temporarily affected the Official Microsoft Blog, as a precaution, all TechNet blogs were taken offline. After a review, we determined that the Official Microsoft Blog was the only blog impacted and we restored all TechNet blogs.

  • Guest

    This act of aggression will not stand. I think I speak for everyone when I insist that our President declare cyberwar on Syria. At the very least, let’s have Anonymous fire the first few salvos.

  • http://www.ravencables.co.uk/ Raven Cable Assembly

    The accounts were quickly reset and we can confirm that no customer information was compromised.