A recent spate of cyber attacks against Microsoft has resulted in sensitive documents being stolen, the software giant has confirmed.
The vendor has been subjected to a series of attacks in recent weeks by a group claiming to be affiliated with the Syrian Electronic Army (SEA). These have resulted in its company blogs, social networking feeds and internal email accounts being hijacked.
Up to now, the reason for the attacks has been unknown. However, a recent blog post by Adrienne Hall, general manager of Microsoft's Trustworthy Computing Group, has shed some light on a possible motive.
"It appears that documents associated with law enforcement inquiries were stolen," Hall revealed.
"Out of regard for the privacy of our employees and customers as well as the sensitivity of law enforcement inquiries we will not comment on the validity of any stolen emails or documents," she added.
She then goes on to assure end users that if any customer data related to the requests has been compromised, the company will take "appropriate action".
"In terms of the cyber attack, we continue to further strengthen our security. This includes ongoing employee education and guidance activities, additional reviews of technologies in place to manage social media properties, and process improvements based on the findings of our internal investigation," she added.
In a tweet published over the weekend, the SEA appeared to rubbish Microsoft's claims, claiming "it's not just law enforcement inquiries'" that have been allegedly taken by the hacktivist group.
In a further blog post, independent security expert Graham Cluley suggested the stolen documents could contain the information requests Microsoft receives from governments about specific users.
"Once again, questions will be asked as to whether large organisations are taking enough steps to properly protect the most sensitive information," said Cluley.
