Data breaches occur regularly, but rarely do we see reputable companies at the other end of them. Yes, that’s a possibility, as major names such as Dish and Activision were recently in the spotlight. But Microsoft? That’s exactly the case, as the infamous threat group Anonymous Sudan claims to have successfully breached the giant.
The so-called hacktivists claim to have infiltrated Microsoft’s servers and stolen credentials for 30 million customer accounts. However, the company denies all the aforementioned allegations.
30 million is a huge number to have been exposed in a single attack, especially when they belong to Microsoft. But the question is: Are the claims true? We’ve discussed everything below.
Anonymous Sudan Scores, Or Did They?
Cybercriminals don’t just sit there waiting for an opportunity to breach a certain company. They elevate their techniques to ensure higher success rates in attacks targeting high-profile entities.
Names like Pepsi and Riot Games fall into that category, as they both fell victim to cyberattacks in recent months. And now, Microsoft is in the spotlight with a huge breach that affected over 30 million accounts.
A month ago, Microsoft addressed that service disruptions and outages impacted several of its services. Those include the likes of OneDrive, Azure, and Outlook.
The company did state that Anonymous Sudan was behind the attack. However, what it didn’t mention is that the breach might have been bigger than that.
The hacktivist group went on and claimed to have successfully hacked Microsoft and gained access to a large database that contained 30 million Microsoft accounts, emails, and passwords.
The group posted the stolen data online, offering the entire selection for $50,000. To solidify their claims, they even included a sample of the data to prove that they did actually breach Microsoft and the information is real.
Also, the post clearly states that Microsoft denied the breach, which is why Anonymous Sudan added a sample. According to a Microsoft spokesperson:
“At this time, our analysis of the data shows that this is not a legitimate claim and an aggregation of data. We have seen no evidence that our customer data has been accessed or compromised.”Source: Bleeping Computer
Despite posting sample data, Microsoft still denied any data breach claims. We don’t know whether the investigation has concluded, but we do hope that such a breach is not true.
30 million accounts are too much to be included in a single attack. A lot of future malicious activities can be performed with that much data. Let’s hope that these are just claims and nothing more.
Microsoft Still Denies!
Despite all the evidence of a present breach, Microsoft still denies everything. Yes, it did disclose an attack last month but has yet to provide additional information about the breach.
Microsoft is a huge company with millions of customers. If the breach is true, a lot can be done with the stolen data. All we need to do is wait for an official announcement by Microsoft and hope for the best.