Anonymous Sudan, which Microsoft tracks as Storm-1359, is offering the full database of Microsoft customer accounts for $50,000.
Microsoft has hit back at the hacktivists claiming to have infiltrated the tech giant’s servers and stolen the credentials of 30 million customer accounts. Reportedly, the Russian Killnet-affiliated hacktivist group, Anonymous Sudan, recently boasted about breaching Microsoft’s security and accessing millions of accounts belonging to its customers. The hacktivists posted details of the security breach on their Telegram channel, which read:
“We announce that we have successfully hacked Microsoft and have access to a large database containing more than 30 million Microsoft accounts, emails, and passwords … We will begin selling this database, so if you’re interested, contact us at our bot to negotiate.”
The gang, which Microsoft tracks as Storm-1359, is offering the full database of Microsoft customer accounts for $50,000. The hacktivists also provided 100 email password combinations as a small sample to prove their claims. However, in its statement, Microsoft denied these claims.
“At this time, our analysis of the data shows that this is not a legitimate claim and an aggregation of data. We have seen no evidence that our customer data has been accessed or compromised.”
Previously, Anonymous Sudan has been involved in DDoS attacks targeting Western organizations. In February 2023, the group targeted Swedish organizations with a series of DDoS attacks in response to a Quran-burning incident in Stockholm.
However, cybersecurity experts claim that the attack was actually a false-flag campaign by Russia to encourage hatred between Sweden and Muslim countries. More recently, Anonymous Sudan disrupted the official website of SAS (Scandinavian Airlines) website and took down the Microsoft 365 software suite, including Outlook and Teams.
The gang has previously attacked Microsoft as well. In a statement released in mid-June, Microsoft confirmed that Anonymous Sudan had launched Layer 7 DDoS attacks against the software vendor. The attack was detected in early June 2023 when the company noticed an unusual rise in traffic against some of its services.
As a result, the services became temporarily unavailable. Microsoft noted that the hacktivists had accessed botnets and tools to launch DDoS attacks from cloud services and open proxy infrastructures.
This is a developing story. At the moment, there is no clarity on whether Anonymous Sudan breached Microsoft’s security since the data sample it has provided is yet to be verified. We will keep updating our readers with the latest on this incident.
RELATED NEWS
- Russian Killnet Hackers Claim Data Theft of FBI Agents
- Killnet Hits European Parliament Website with DDoS Attack
- Yandex Source Code Online Leaked, Company Denies Hack
- Microsoft Discloses DDoS Attack Impact with Limited Details
- Twitter Denies Any Hack Attack in 200M Account Leak Scare