Microsoft suffers DDoS attack, 30 million customer data stolen

In early June, Microsoft suffered a severe outage of some of its services, including Outlook email, the OneDrive file-sharing application and Azure, its cloud computing infrastructure.

A group called Anonymous Sudan (also known as Storm-1359) claimed responsibility for the DDoS attack.

Anonymous Sudan has been active since January 2023, claiming to target all countries that oppose the group. However, some security researchers believe Anonymous Sudan is an offshoot of the pro-Russian threat group "Killnet.

The group relies on virtual private servers (VPS) as well as rented cloud infrastructure, open proxies and DDoS tools.

Initially, this IT giant did not provide details about its downtime, but it was later confirmed in a report called "Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks " that it was indeed the target of the DDoS attack.

Starting in early June 2023, Microsoft noticed a spike in traffic to some services and immediately launched an investigation. In its follow-up report, Microsoft said it tracked the ongoing DDoS campaign Storm-1359.

Microsoft said they have not seen any evidence that customer data has been accessed or compromised. However, Anonymous Sudan has now announced that it has stolen the credentials of 30 million Microsoft customer accounts.

On July 2, the Anonymous Sudan group claimed on its Telegram channel that it had successfully hacked into Microsoft and accessed a large database containing more than 30 million Microsoft accounts, emails and passwords. The group shared a sample of the stolen data and sold the database for $50,000.

Microsoft has not yet made a public comment on the alleged data breach.