In response to recent allegations made by the hacktivist group "Anonymous Sudan," Microsoft has officially denied any claims of a data breach caused by the group involving the compromise of 30 million customer account credentials.
Last month, Microsoft did acknowledge that Anonymous Sudan was responsible for service disruptions and outages at the beginning of June, affecting several of its services, including Azure, Outlook, and OneDrive.
Anonymous Sudan has gained notoriety for carrying out debilitating distributed denial-of-service (DDoS) attacks against various Western entities in recent months. The group has acknowledged its association with pro-Russian hacktivists like Killnet.
The hacktivists claimed to have successfully hacked Microsoft and acquired a substantial database containing over 30 million Microsoft accounts, comprising emails and passwords.
Anonymous Sudan offered to sell this database for $50,000 to interested parties and directed potential buyers to contact their Telegram bot for further arrangements.
According to the company statement provided to Bleeping Computer, Microsoft denies claims made by the hacktivist group.
"At this time, our analysis of the data shows that this is not a legitimate claim and an aggregation of data. We have seen no evidence that our customer data has been accessed or compromised."
The hacktivist group also recently hacked the website of Scandinavian Airlines for the second time this year and even took down the Microsoft 365 software suite - which Microsoft confirmed in a blog post. The company said:
"Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359."