The Syrian Electronic Army isn’t much a fan of Microsoft it seems. After compromising Microsoft social accounts, and one of its blogs, the group today defaced the company’s Office Blog, directly following a redesign of the property.
As The Verge notes, the Syrian Electronic Army had previously promised continued embarrassing shenanigans. Neowin published an image of the defaced blog, as did The Verge. The site has since been at least partially retracted.
As part of prior harassment by the digital group, Microsoft admitted that some of its employees’ email accounts were compromised. Screenshots of mail were tweeted out, showing discourse between executives discussing the hacked social accounts.
It remains unclear as to how much, if any, email from its staff was taken as part of the move. Microsoft at the time did note that no customer information was at risk.
Defacing the Office Blog isn’t much of an existential threat to Microsoft. But if the group’s claim today that “Dear @Microsoft, Changing the CMS will not help you if your employees are hacked and they don’t know about that. #SEA” bears true, the company could be in for more red-faced moments.
Neowin’s Brad Sams has the correct take on the situation:
These types of attacks typically are harmless to Microsoft, aside from the embarrassment, and are typically non-destructive in terms of deleting mass quantities of data. But, an intrusion is an intrusion and you would have thought Microsoft would have ordered all web property passwords to be changed after the first compromise, but here we are with the Office blog having been infiltrated long after the other properties were restored.
The group’s claims that Microsoft employees remain “hacked” is therefore somewhat hard to understand.
For now, Microsoft needs to clean house: This sort of excursion is embarrassing for a company that sells security products, and secured services to companies around the world that depend on their vendors to have their own digital houses in order.
Top Image Credit: Flickr