Cyber Incident Victim: Skype

On January 1, 2014, the Syrian Electronic Army (SEA) compromised Skype's official Twitter account, Facebook page, and corporate blog. The attackers posted messages demanding an end to public spying, referencing controversies surrounding U.S. government surveillance programs. Skype regained control within hours, deleting unauthorized posts from its social media accounts and implementing automatic redirection of its compromised blog to the company homepage. A Skype spokesperson confirmed a "targeted cyber attack" had breached their social media credentials but emphasized no user data was accessed. The company issued a public apology via Twitter, stating: "You may have noticed our social media properties were targeted today. No user info was compromised. We’re sorry for the inconvenience." The SEA replicated the hacked messages through its own Twitter channels during the incident.

This attack occurred amid ongoing scrutiny of Skype's alleged cooperation with U.S. intelligence agencies following Edward Snowden's disclosures about the NSA's PRISM program. Documents had suggested the NSA gained backdoor access to monitor Skype calls despite Skype's prior claims about wiretapping resistance. The SEA, known for supporting Syrian President Bashar al-Assad, typically promoted pro-Syrian messages during cyber attacks but shifted focus to anti-surveillance rhetoric in this incident. The group had previously targeted major media organizations including The New York Times, Financial Times, BBC Weather, and Twitter's domain registration records in 2013. Skype and parent company Microsoft had been investigated by Luxembourg authorities in October 2013 over suspected NSA ties but were cleared of violations weeks before this attack. The compromise was limited to social media platforms and corporate communications channels, with no infiltration of Skype's core service infrastructure reported.