The so-called hacktivists “Anonymous Sudan” have claimed that they broke into Microsoft’s servers and stole login information for 30 million user accounts, but Microsoft has refuted their allegations.
In recent months, distributed denial-of-service (DDoS) assaults by Anonymous Sudan targeting Western targets have gained notoriety. Affiliation with pro-Russian hacktivists like Killnet has been verified by the organization.
Microsoft acknowledged last month that service interruptions and outages at the start of June, which had an effect on a number of its services, including Azure, Outlook, and OneDrive, were caused by Anonymous Sudan.
In a statement released yesterday, the hacktivists claimed to have “successfully hacked Microsoft” and “accessed a large database containing more than 30 million Microsoft accounts, emails, and passwords.”
In order to negotiate the acquisition of the database, Anonymous Sudan asked potential purchasers to get in touch with their Telegram bot. They offered to sell this database to interested parties for $50,000.
Even a sample of the data they allegedly took from Microsoft is included in the post, along with a warning that Microsoft will dispute their allegations.
The gang offered 100 credential pairs, but it was impossible to determine where they came from (they were outdated records obtained from a third-party service provider’s breach that were taken from Microsoft’s servers).
Microsoft was approached by BleepingComputer for a response about the veracity of Anonymous Sudan’s assertion, and a business representative categorically refuted any claims of a data leak.
A firm official informed BleepingComputer, “At this time, our analysis of the data shows that this is not a legitimate claim and an aggregation of data.”
“We have seen no evidence that our customer data has been accessed or compromised” – Microsoft spokesperson
Microsoft’s inquiry may still be underway, but it is not yet apparent if it is finished. Additionally, it is unknown how the business will respond to a prospective data release to the public.