After some of the company’s social-networking accounts were hacked, Microsoft says some of its e-mail accounts were also compromised.
In addition to compromising some of Microsoft’s social-networking accounts, the Syrian Electronic Army also accessed a “small number” of employee e-mail accounts, the company confirmed Wednesday.
The hacking group, which has taken responsibility for an array of breaches in the past couple of years, tweeted three e-mails over the weekend that appeared to originate from Microsoft employee Outlook Web Access accounts. The screenshots posted by the group included conversations among employees regarding recent compromises of Microsoft-owned Twitter accounts.
“A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and e-mail accounts being impacted,” a Microsoft spokesperson said in a statement to CNET. “These accounts were reset and no customer information was compromised. We continue to take a number of actions to protect our employees and accounts against this industrywide issue.”
The Syrian Electronic Army — a political hacking group that supports Syrian President Bashar Assad — appears to be waging a war on Microsoft. Over the weekend, the group took control of the Twitter accounts of Xbox and Xbox Support, along with Xbox’s Instagram account. The company’s TechNet blog was also compromised.
A tweet sent by the group Wednesday indicated that its campaign against the tech giant was not over.
Twitter has long been a favorite battleground for the Syrian Electronic Army, with recent hack victims including the accounts of the parody news site the Onion, the messaging app Viber, The Associated Press, NPR, CBS (parent company of CNET), the Guardian, and the BBC.