Microsoft: Some Employee Email Accounts Were Compromised By The Syrian Electronic Army

After its social properties were compromised, Microsoft today indicated that a “small number” of its employee’s Outlook accounts were hacked by the Syrian Electronic Army as well. The online group had previously tweeted out screenshots of emails purportedly from Microsoft staffers.

As The Verge notes, those published screenshots “mainly discuss[ed] the latest compromises of several Microsoft-owned Twitter accounts.” Included among the published screenshots was an email from Steve Clayton to Frank Shaw. Luckily for the two their disclosed dialogue was pedestrian.

It is unclear the extent of the security breach, and if emails were taken from the accounts or in other ways stored that could prove embarrassing for Microsoft. To have your social accounts’ security snapped is par for the course in our current age. To have your email systems broken into is another game, especially if you are the company that built the system, and if you’re selling it to companies around the world.

Microsoft provided a statement to The Verge stating that a “social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted” in the incident. The accounts in question have been “reset” according to the company. No customer information was compromised, it claims.

That’s fine, but what the SEA could have found inside the inboxes of key Microsoft employees could be damaging, or embarrassing, or both. That’s not to say that the employees in question are more salacious than average, but more that we all speak more freely when in private than public.

If the SEA delved during its incursion, it might have uncovered a number of internal plans and methods. Should those leak to the media, Microsoft could lose control of its own news cycles for some time to come.

Top Image Credit: Flickr