Microsoft Denies Major 30 Million Customer-Breach

Written by

Microsoft has hit back at claims from a shadowy hacktivist outfit that it managed to breach the company and obtain account access for tens of millions of customers.

Anonymous Sudan, which has been linked in the past to pro-Kremlin groups like Killnet, posted the details of its alleged raid on Telegram.

Read more on Microsoft breaches: Microsoft: 44 Million User Passwords Have Been Breached

In a post seen by Infosecurity, it said: “We announce that we have successfully hacked Microsoft and have access to a large database containing more than 30 million Microsoft accounts, emails and passwords … We will begin selling this database, so if you’re interested, contact us at our bot to negotiate.”

The group said it would be selling the haul for $50,000. It attached what it claimed to be a “small sample” of compromised details as proof of its word.

However, a brief statement from Microsoft was pretty unequivocal.

“At this time, our analysis of the data shows that this is not a legitimate claim and an aggregation of data. We have seen no evidence that our customer data has been accessed or compromised,” it noted.

Anonymous Sudan has caused trouble for Microsoft in the past. The tech giant admitted in mid-June that the group, which it tracks as “Storm-1359,” had been responsible for Layer 7 DDoS attacks against it earlier that month.

“Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability,” it explained at the time. “Microsoft assessed that Storm-1359 has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures. Storm-1359 appears to be focused on disruption and publicity.”

In the same blog post, Microsoft claimed that it had seen “no evidence that customer data has been accessed or compromised.”

In February, Anonymous Sudan claimed responsibility for a number of DDoS attacks against Swedish companies which it said were retaliation for an incident of Quran burning near Turkey’s embassy in Stockholm.

However, experts at the time assessed the cyber-attacks may have been a Russian false-flag campaign designed to continue whipping up hatred towards Sweden in Muslim countries like Turkey, which has a veto over the country’s accession to NATO.

What’s hot on Infosecurity Magazine?