The firm has been hit repeatedly by the Syrian Electronic Army in recent weeks, with both Microsoft's blogs and Skype accounts hit during the attacks.
The company has now provided more insight into the effect of these attacks, with Adrienne Hall, general manager for Trustworthy Computing Group, explaining in a blog post that it would be talking to those affected as more information comes to light.
"We have learned that there was unauthorised access to certain employee email accounts, and information contained in those accounts could be disclosed. It appears that documents associated with law enforcement inquiries were stolen," she wrote.
"If we find that customer information related to those requests has been compromised, we will take appropriate action. Out of regard for the privacy of our employees and customers – as well as the sensitivity of law enforcement inquiries – we will not comment on the validity of any stolen emails or documents."
Hall also confirmed that Microsoft is stepping up its efforts to beat cyber criminals, including better staff training and awareness of the threats they face.
"We continue to further strengthen our security," she said. "This includes ongoing employee education and guidance activities, additional reviews of technologies in place to manage social media properties, and process improvements based on the findings of our internal investigation."
The incident underlines the perils facing busineses of all sizes – and the need for strong passwords and staff education – with even a tech giant such as Microsoft caught out by cyber attacks and phishing scams.
No comments:
Post a Comment