Microsoft is contesting the claim that members of Anonymous Sudan hacked into the company’s internal servers, stealing the credentials of 30 million accounts. The American hardware and software company does confirm that the hacker group has attacked Microsoft in the recent past. This is what a spokesperson for the company tells BleepingComputer when asked.
Microsoft target of DDoS attack
Last month, Microsoft was the target of a large-scale DDoS attack. In addition, various services experienced serious disruptions, including Azure, Outlook, Teams and OneDrive. In its own words, there was no evidence that customer data had been accessed or stolen. Investigations revealed that Anonymous Sudan, also known as Storm-1359, was behind these attacks. Microsoft has been following this group of hacktivists for quite some time, and according to the hardware and software company, they have carried out several large-scale DDoS attacks on Western institutions in recent months.
Hackers group offers database for sale
Last weekend, Anonymous Sudan posted a message on Telegram. In it, the hacktivists claimed that they had managed to hack Microsoft. They reportedly stole a large database containing credentials for more than 30 million Microsoft accounts. For $50,000, interested parties could purchase the usernames, email addresses, and passwords dataset. Anonymous Sudan added a data sample to the message to back up their words. However, the origin of these dates could not be determined with certainty. It may have been stolen from Microsoft, but it is also old data that was stolen from a third party in the past.
Microsoft: ‘No indications that customer data has been accessed or stolen
BleepingComputer contacted Microsoft and asked to what extent it was true that Anonymous Sudan had stolen the login details of more than 30 million Microsoft accounts. A spokesperson for the company denied the hacker group’s claims.”At this point, our data analysis shows that this is not a legitimate claim and an aggregation of data. We have seen no evidence that our customer data has been accessed or compromised,” the spokesperson said.It is unclear whether Microsoft has completed its investigation into the DDoS attack and possible data theft at this point or whether it is still in progress.