Following a massive campaign of denial of service attacks in early June by cybergang Anonymous Sudan, Microsoft has denied any mass theft of customer data. No evidence of unauthorized or compromising access was detected.
“We have seen no evidence that our customer data has been accessed or compromised,” a Microsoft spokesperson said of cybergang Anonymous Sudan’s claim of stealing data from 30 million customer accounts.
Between cyber attackers and their victims, it is often a game of cat and mouse. After being hit by a vast campaign of denial of service attacks in early June – confirmed a few days later – having affected access to many of its services (Azure, Outlook, OneDrive, etc.), Microsoft has refuted any possible breach of associated data yet affirmed by the group of cybercriminals behind this DDoS attack.
“We are announcing that we have successfully hacked Microsoft and accessed a large database containing over 30 million Microsoft account emails and passwords,” the cybergang said. “We are going to sell this database, so if you are interested, contact us through our bot to negotiate.” The amount requested is $50,000. To support its words, the group of cybercriminals announces that it is offering an extract from this database.
Data of uncertain provenance
While Microsoft has yet to issue a public comment on the alleged data breach, a company spokesperson interviewed by BleepingComputer dismissed the possibility of such data theft: “We have not seen any evidence that the data of our customers has been accessed or compromised […] At this time, our analysis of the data shows that this is not a legitimate claim and is an aggregation of data “. It should be noted that the supposed extract of this hack is composed of a hundred pairs of emails and passwords whose origin is far from reliable.
Also Read : 10% Growth Expected For The IoT Market In 2023