A cyberattack on Microsoft’s Office 365 services resulted in the compromise of the private data of 30 million customers, but Microsoft officially denied the allegations.
Last month’s attack disrupted many Microsoft platforms, including Outlook, Microsoft Teams, SharePoint Online, OneDrive for Business, and Azure (Okemwa, 2023a). The incident affected over 18,000 users at its peak. A hacker group known as Storm-1359 was later identified as the source of the DDoS attack, causing the disruptions.
An anonymous hacker collective, Anonymous Sudan, claimed responsibility for the attack on its Telegram channel. A total of one and a half hours were claimed for the outage. In response, Microsoft said the hacker group primarily used the incident to generate publicity and assured customers their data was safe.
Fresh Allegations, Reassuring Denials
On July 2, 2023, the saga took another twist when Anonymous Sudan announced they had breached Microsoft’s security systems and accessed 30 million customers’ data. According to Neowin, this information could be purchased for $50,000. The hackers shared snippets of the purportedly accessed information on their channel to back up their claims.
These allegations, however, were swiftly countered by Microsoft. A company spokesman categorically denied the legitimacy of the claims, stating, “At this point, our analysis of the data shows that it is not a legitimate claim and an accumulation of facts.” Our customer data has not been accessed or compromised.”
The future course of Microsoft’s investigation remains unclear as of now. According to Anonymous Sudan, the attack was executed using Microsoft’s OSI layer 7. OneDrive and Outlook are among the apps that use this layer, which is a critical part of the company’s infrastructure.
Security concerns have recently arisen, but Microsoft remains steadfast in its commitment to customer data security. Data encryption remains the company’s top priority; no evidence has been found supporting the hackers’ claims. This potential crisis will undoubtedly draw customers’ attention worldwide as the events unfold.
References
Okemwa, K. (2023a, June 19). Microsoft blames ddos attack for office 365 disruptions earlier this month. Windows Central. https://www.windowscentral.com/software-apps/microsoft-blames-ddos-attack-for-the-office-365-disruptions-experienced-early-this-month
Okemwa, K. (2023b, July 5). Microsoft denies that 30 million customer accounts have been compromised. Windows Central. https://www.windowscentral.com/microsoft/30-million-customer-accounts-havent-been-compromised-says-microsoft
The Guru's World 
Leave a comment