The Syrian Electronic Army promised more attacks on Microsoft, and the hacking group is following through with its threat today. Just hours after Microsoft unveiled a redesigned Office blog, the SEA hacked and defaced the site multiple times. Several articles appeared on the site with the title "hacked by the Syrian Electronic Army," before being removed. The group's official Twitter account acknowledged the attack with screenshots of the administration panel for the Office blog, before taunting Microsoft that "changing the CMS will not help you if your employees are hacked and they don't know about that."
The latest attack comes just days after Microsoft revealed that Syrian Electronic Army hackers were able to access a "small number" of employee email accounts. Some details of internal conversations were posted at the same time Microsoft’s official news blog and Twitter account were compromised earlier this month. The Syrian Electronic Army also attacked the official Xbox support Twitter account, while the group managed to gain access to the official Skype blog and Twitter account on January 1st. The series of attacks are an embarrassing and painful reminder of how accounts can be compromised due to simple email phishing.
We’ve reached out to Microsoft for comment on the latest attacks, and we’ll update you accordingly.
Update: Microsoft has confirmed the compromise in a statement to The Verge. "A targeted cyberattack temporarily affected the Microsoft Office blog," says a Microsoft spokesperson. "The account was quickly reset and we can confirm that no customer information was compromised.”