The company says that no customer information was compromised

Jan 16, 2014 10:23 GMT  ·  By

Microsoft had two really tough weeks in the beginning of 2014, as several of its social accounts and blogs got hijacked by Syrian hackers who used them to post anti-Microsoft messages.

The Syrian Electronic Army is the group behind the recent attacks, and even though Redmond has taken the necessary steps to make sure that no similar security breaches would be discovered in the near future, more similar hack attempts would follow soon, according to a recent tweet.

Redmond, on the other hand, decided to break the news with more information on what actually happened in early 2014, admitting that Facebook, Twitter, and blog accounts were not the only ones affected by the recent hacks.

It turns out that the SEA also managed to break into company email accounts and even posted some conversations between Steve Clayton, who is in charge of the social accounts, and Frank Shaw.

But according to a statement released by Microsoft for ITProPortal, no user data was compromised following these attacks, and the company still works to make its accounts more secure.

“A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted. These accounts were reset and no customer information was compromised,” the company noted in a statement.

But what’s worse is that Microsoft’s employees don’t seem to have a well-developed sense of security when it comes to protecting their email accounts.

According to the Syrian Electronic Hackers, a Microsoft employee was using the phrase “Microsoft2” as password for his account and, after he got hacked, he changed it to… “Microsoft3.”

“A Microsoft employee wanted to make his password more stronger, so he changed it from ‘Microsoft2’ to ‘Microsoft3’ #happened,” the hackers said in tweet whose legitimacy cannot be verified.