Microsoft Data Breach

Alleged Microsoft Data Breach: Anonymous Sudan Offers 30 Million Stolen Credentials for Sale

Microsoft Data Breach – Anonymous Sudan, a vicious hacktivist group, claimed to have stolen the credentials of millions of Microsoft user accounts.

They even offered to sell the data for $50,000 on their Telegram Channel.

However, Microsoft plainly denied that any data breach actually occurred.

Background Of Microsoft Data Breach

Last month, Microsoft faced widespread service interruptions, including Outlook email, OneDrive file-sharing apps, and Azure cloud computing infrastructure.

The hacking group, Anonymous Sudan (also known as Storm-1359), claimed responsibility for the distributed denial-of-service (DDoS) attacks that targeted the company’s services.

Initially, Microsoft did not provide detailed information about the outages but later confirmed the DDoS attacks in a report published on June 16.

Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability.

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

The company promptly initiated an investigation and identified ongoing DDoS activity attributed to the threat actor known as Storm-1359 i.e. Anonymous Sudan.

Anonymous Sudan Offers To Sell The Stolen Data

While Microsoft stated that no evidence indicates customer data has been accessed or compromised, Anonymous Sudan claimed to have stolen credentials for over 30 million Microsoft accounts.

The group announced the successful hack on its Telegram channel, offering to sell the alleged database for $50,000.

They even shared a sample of the stolen data as proof.

Microsoft Data Breach
Anonymous Sudan’s Post on Telegram (Source: Bleeping Computer)

Response From Microsoft

When asked for comment, Microsoft denies any data breach claims.

We have seen no evidence that customer data has been accessed or compromised.

Microsoft has yet to release a public statement regarding the alleged data breach.

Till now, Microsoft maintains that there is no evidence to suggest that customer data has been compromised.

Is The Evidence Valid?

Even though the hacker group provided 100 credential pairs of stolen accounts as proof of their claim, the validity of the data offered by Anonymous Sudan remains uncertain.

The origin and authenticity of the provided data could not be verified.

For more news and updates on Cybersecurity, visit The Cybersecurity Club.

Satellite Hacking 101: How Hackers Took Over a Government-Owned Satellite

BlackByte 2.0: Microsoft Uncovers The Ruthless Efficiency Of Ransomware Attacks

DOJ Arrested 20 Years Old Russian Lockbit Hacker

Phone Scam Gang Busted In An International Policing Operation