A group of cybercriminals has claimed to have “successfully hacked” Microsoft and got their hands on 30 million accounts, just weeks after successfully causing several outages to Microsoft services via large-scale DDoS attacks.
Microsoft has strongly denied the claims made by the group – which goes by the name “Anonymous Sudan” – and has informed multiple news outlets that they see no evidence behind the claim that the group has customer emails, passwords, and usernames.
Although Microsoft has firmly denied the claims, it’s still an ominous reminder of the importance of using tools that facilitate the creation of complex, unique passwords, such as password managers, to minimize the impact of such attacks when they do occur.
Anonymous Sudan’s Claims Rebuffed By Microsoft
Anonymous Sudan recently posted on messaging app Telegram claiming they had 30 million Microsoft accounts, emails, and passwords for sale, valued at $50,000.
Along with the initial message, they also posted a warning that Microsoft would deny the claims of the breach, along with a sample of the data allegedly extracted from the tech giant's systems.
Bleeping Computer, which has seen the sample provided by Anonymous Sudan, reports that the origin of the data could not be verified and suggests it could be from another breach, for example.
Microsoft has told a number of different news sources, including Cybernews, that they have reviewed the data and do not consider the group’s claim to be genuine, and further, that they have no reason to believe that any Microsoft account holder’s data has been compromised.
Microsoft’s New Nemesis?
DDoS (Distributed Denial of Service) attacks don’t tend to involve data being stolen; instead, they aim to disrupt, slow down, or take a service offline.
However, there are some prior examples of such attacks being orchestrated as a decoy to distract a company’s security team or use up a company's cybersecurity resources while other attacks are carried out.
Some reports suggest the hacking group is Sudanese – as their name suggests – while others have speculated they may be based in the United Arab Emirates. Other sources, however, have suggested the group is backed by the Kremlin and actually based in Russia.
Although Microsoft seems very assured in this case that the group is simply fronting, they did recently admit that the same group was behind a series of large-scale DDoS attacks at the beginning of June that took a number of Microsoft services offline.
Data Breaches: A Persistent Worry
Although this seems like a false alarm – at least according to Microsoft – groups like this pose an ever-present threat to businesses of all sizes. Major data breaches now occur on a weekly – and almost daily – basis and have been prevalent throughout the first half of 2023, facilitated by poorly configured security infrastructure, insider threats, and simple human errors that have opened the gates to attackers.
So common are leaks that it’s important to think not just about prevention, but also damage control. For business owners, it's crucial staff are equipped with the knowledge and tech to help them create strong passwords, spot phishing attacks, and much more.
Granted, breaches and leaks happen – but equipping staff in this way will greatly decrease how much damage can be done by a single event, and may even reduce the immediate steps you’ll have to take to reseal your company’s security perimeter.