The Threat Actor 888 claimed a compromise against Microsoft

Pietro Melillo : 10 July 2024 11:40

On July 9, 2024, a user known as “888” posted on BreachForums claiming to have leaked sensitive data of Microsoft employees. This alleged breach has exposed personal information of 2,073 company employees, reportedly due to a flaw in a third-party system.

Details of the Breach

According to the post published by “888,” the compromised data includes:

• Full Name
• Job Title
• Email
• Email Verification Status
• Direct Phone Number
• Corporate Phone Number
• Industry
• Person LinkedIn URL
• Company Website
• Person City, State, and Country of Residence
• Company Phone Number

Vuoi diventare un esperto del Dark Web e della Cyber Threat Intelligence (CTI)?
Stiamo per avviare il corso intermedio in modalità "Live Class", previsto per febbraio.
A differenza dei corsi in e-learning, disponibili online sulla nostra piattaforma con lezioni pre-registrate, i corsi in Live Class offrono un’esperienza formativa interattiva e coinvolgente.
Condotti dal professor Pietro Melillo, le lezioni si svolgono online in tempo reale, permettendo ai partecipanti di interagire direttamente con il docente e approfondire i contenuti in modo personalizzato. Questi corsi, ideali per aziende, consentono di sviluppare competenze mirate, affrontare casi pratici e personalizzare il percorso formativo in base alle esigenze specifiche del team, garantendo un apprendimento efficace e immediatamente applicabile.
Non perdere i nostri corsi e scrivi subito su WhatsApp al numero
379 163 8765  per richiedere informazioni "

Supporta RHC attraverso:

• L'acquisto del fumetto sul Cybersecurity Awareness
• Ascoltando i nostri Podcast
• Seguendo RHC su WhatsApp
• Seguendo RHC su Telegram
• Scarica gratuitamente "Dark Mirror", il report sul ransomware di Dark Lab

Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo.

The extent of the breach is significant, as the disclosed information can be used for a range of malicious activities, including phishing, fraud, and targeted attacks.

Situation Analysis

At the moment, we cannot precisely confirm the veracity of the breach. Microsoft has not released any official press statement on its website regarding the incident. The lack of an official statement makes it difficult to verify the authenticity of the data published by “888.”

However, the post on BreachForums has attracted the attention of the cybersecurity community and experts in the field, who are closely monitoring the situation. The speed at which this data could be used for malicious purposes underscores the importance of a timely and transparent response from Microsoft.

Conclusions

The potential attack on Microsoft, claimed by the malicious actor “888,” is a clear warning signal for all companies regarding the vulnerability of their data.

As is our practice, we always leave room for a statement from the company should they wish to provide updates on the matter. We would be happy to publish such information with a specific article highlighting the issue.

RHC will monitor the evolution of the case to publish further news on the blog, should there be substantial developments. If there are any individuals informed about the facts who wish to provide information anonymously, they can use the whistleblower’s encrypted email.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"