In an official blog post, Adrienne Hall of Microsoft’s Trustworthy Computing Group said that after employees’ accounts were illegally accessed by the hackers, and emails and documents stolen.
A natural deduction is that the blog’s reference to “documents associated with law enforcement inquiries” means requests from governments asking Microsoft to hand over information about specific users.
During January to June 2013, Microsoft said that it received 37,196 requests from law enforcement agencies potentially impacting 66,539 user accounts. It revealed more details of how it dealt with government data requests in its 2013 transparency report.
Hmm. It sounds to me like Microsoft, in this latest security incident, may have been somewhat more “transparent” in its dealing with government data requests than any right-minded individual would want them to be.
Once again, questions will be asked as to whether large organisations are taking enough steps to properly protect the most sensitive information.
A tweet from the notorious Syrian Electronic Army (SEA), who were responsible for the hijacking of Microsoft social media accounts, suggests that the information may be eye-opening.
We’ll have to wait and see if the SEA, if it is indeed responsible for this hack against Microsoft, is true to its word and releases any information.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
