On Friday, Microsoft admitted that “a select number” of employees fell victim to a successfully-executed highly-targeted spear phishing attacks via social media and e-mail accounts. The company says the attackers went after “documents associated with law enforcement.”
“While our investigation continues, we have learned that there was unauthorized access to certain employee e-mail accounts, and information contained in those accounts could be disclosed,” Adrienne Hall, general manager of the Trustworthy Computing Group at Microsoft, wrote on Friday.
“It appears that documents associated with law enforcement inquiries were stolen. If we find that customer information related to those requests has been compromised, we will take appropriate action. Out of regard for the privacy of our employees and customers—as well as the sensitivity of law enforcement inquiries—we will not comment on the validity of any stolen e-mails or documents.”