Microsoft confess to phishing losses
They said: "Recently, a select number of Microsoft employees' social media and email accounts were subjected to targeted phishing attacks. This type of attack is not uncommon, and many companies grapple with phishing attempts from cybercriminals."
"While our investigation continues, we have learned that there was unauthorized access to certain employee email accounts, and information contained in those accounts could be disclosed."
Of course, the Syrian Electronic Army (do they still have conscription?) were behind this attack, even though Microsoft weren't prepared to mention them by name and they've already posted up snippets of what they stole. The SEA also reckon they took enough info to get back into Microsoft's social media accounts and emails too.
"If we find that customer information related to those requests has been compromised, we will take appropriate action. Out of regard for the privacy of our employees and customers - as well as the sensitivity of law enforcement inquiries - we will not comment on the validity of any stolen emails or documents," Microsoft continued.