Tech giant, Microsoft, has allegedly experienced a security breach where sensitive employee data has been reportedly leaked by a threat actor named “888” on a dark web crime forum.
The hacker alleges that they acquired the data by exploiting a breach involving a third-party connected to Microsoft. This breach has resulted in the exposure of personal information belonging to a total of 2,073 employees.
Here is a list of the data that has been compromised:
It appears that the internal employee database was accessed in this breach, but the exact scope of the data breach is still uncertain.
The hacker, who is also suspected of recently leaking Nokia employee data, has a significant reputation within the dark web community, which lends credibility to the claims.
Based on our findings, it appears that the data posted on the dark web forum can be somehow legitimate.
Upon cross-referencing the leaked information with LinkedIn profiles, it was found that the names, job titles, and other details perfectly aligned with those of real Microsoft employees. These positions spanned from project managers to the Vice President of Azure.
Employees whose information has been exposed face a higher risk of falling victim to phishing and spoofed emails.
These deceptive tactics may lead them to unknowingly disclose more sensitive information or inadvertently give cybercriminals access to the company's infrastructure.
High-level executives are at a higher risk in the breach due to their elevated access within the company's systems.
It is possible that the Nokia employee breach and this breach are connected, as they both involve the same dataset and field names. This suggests that both companies may have had their data exposed simultaneously, potentially due to a data management software issue.