Microsoft confirms law enforcement docs stolen during recent hacks

Microsoft sign outside glass building

A recent spate of cyber attacks against Microsoft has resulted in sensitive documents being stolen, the software giant has confirmed.

The vendor has been subjected to a series of attacks in recent weeks by a group claiming to be affiliated with the Syrian Electronic Army (SEA). These have resulted in its company blogs, social networking feeds and internal email accounts being hijacked.

Up to now, the reason for the attacks has been unknown. However, a recent blog post by Adrienne Hall, general manager of Microsoft's Trustworthy Computing Group, has shed some light on a possible motive.

"It appears that documents associated with law enforcement inquiries were stolen," Hall revealed.

"Out of regard for the privacy of our employees and customers as well as the sensitivity of law enforcement inquiries we will not comment on the validity of any stolen emails or documents," she added.

She then goes on to assure end users that if any customer data related to the requests has been compromised, the company will take "appropriate action".

"In terms of the cyber attack, we continue to further strengthen our security. This includes ongoing employee education and guidance activities, additional reviews of technologies in place to manage social media properties, and process improvements based on the findings of our internal investigation," she added.

In a tweet published over the weekend, the SEA appeared to rubbish Microsoft's claims, claiming "it's not just law enforcement inquiries'" that have been allegedly taken by the hacktivist group.

In a further blog post, independent security expert Graham Cluley suggested the stolen documents could contain the information requests Microsoft receives from governments about specific users.

"Once again, questions will be asked as to whether large organisations are taking enough steps to properly protect the most sensitive information," said Cluley.

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.