A hacker group that calls itself the Syrian Electronic Army (SEA) compromised several Microsoft Twitter accounts and its central corporate blog over the weekend, two weeks after it hacked the firm's Facebook and Twitter accounts for Skype. Microsoft admitted to the hacks and noted that no customer data was compromised.
"Syrian Electronic Army was here," one tweet from Microsoft News read. Another promoted rival web browsers.
Although the SEA has no official connection to the repressive Syrian government, it professes loyalty to Syria President Bashar al-Assad, who is currently waging a civil war against a rebellion in his country. The group regularly targets Western websites and social networking accounts.
After Microsoft's Facebook and Twitter accounts for Skype and Xbox Support on Twitter were hacked two weeks ago, many assumed that the tech giant had moved to secure its other public-facing PR accounts. But over the weekend, the SEA seized control of The Official Microsoft Blog and various corporate Twitter accounts, posting silly message or anti-Microsoft propaganda.
The official Microsoft News account on Twitter briefly offered the following dubious advice. "Don't use Microsoft emails (Hotmail, Outlook). They are monitoring your accounts and selling the data to the governments."
Curiously, Microsoft chose to address that claim.
"We're actively investigating issues and are focused on protecting our employees and corporate network," a Microsoft statement notes. "Microsoft is sometimes obligated to comply with legal orders from governments around the world and provides customer data only in response to specific, targeted, legal demands."
More worrisome, perhaps, are claims that the SEA has somehow gotten ahold of internal Microsoft email messages about the hacks. This suggests that the hacker group has a deeper foothold inside the firm than previously thought. An email message from Microsoft's Steve Clayton, who oversees the Official Microsoft Blog, suggested that a "back door has been found" in the bitly URL shortening service used by many Twitter accounts.
Although the incident is embarrassing to the tech giant, Microsoft is at least in good company. The Associated Press, BBC, Financial Times, Guardian, New York Times, Reuters, and Washington Post have also been hacked by the SEA in recent months.