microsoftphotoIt seems not even Microsoft employees are immune to phishing attacks.

Microsoft confirmed today that the Syrian Electronic Army managed to break into its internal email accounts last week by phishing the passwords of a small number of Microsoft employees.

“A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted,” a Microsoft spokesperson said in an email to GeekWire. “These accounts were reset and no customer information was compromised. We continue to take a number of actions to protect our employees and accounts against this industry-wide issue.”

Last week, the SEA broadcast a few messages from the @Xbox and @MSFT_News Twitter accounts, as well as the Official Microsoft Blog, though they were quickly taken down, and Microsoft said at the time that no user data was compromised.

At the time, the SEA published images of what seemed to be Microsoft employee email accounts, with employees discussing the breach. It’s unclear what else the SEA was able to see with their access, though Microsoft insists that no user data was taken.

Still, the SEA may not be done with Microsoft yet. The group recently tweeted “We didn’t finish our attack on @Microsoft yet, stay tuned for more! #SEA”

Like what you're reading? Subscribe to GeekWire's free newsletters to catch every headline

Job Listings on GeekWork

Find more jobs on GeekWork. Employers, post a job here.