Cyber Incident Victim: Microsoft
Date:
Jan 2014
Location:
United States of America
Summary
A hacker group breached Microsoft and leaked documents revealing the company charged the FBI’s Digital Intercept Technology Unit substantial fees—ranging from $100 to $200 per request—for providing customer data, with monthly invoices totaling hundreds of thousands of dollars. While legally permissible, the exposure highlighted transparency concerns regarding government data requests and raised questions about security protocols due to the unauthorized access to internal communications.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In May 2021, the Daily Dot reported on documents allegedly hacked by the Syrian Electronic Army (SEA), a group supporting Syrian President Bashar al-Assad, which revealed financial arrangements between Microsoft and the FBI’s Digital Intercept Technology Unit (DITU). The SEA, known for compromising Western media accounts, provided the Daily Dot with emails and invoices from Microsoft’s Global Criminal Compliance team to DITU, dating from 2012 to 2013. These records indicated Microsoft charged DITU fees for processing legal requests for customer data, with invoices showing $145,100 for December 2012 ($100 per request), $352,200 for August 2013 ($200 per request), and $281,000 for November 2013. Microsoft confirmed unauthorized access to its emails but did not dispute the documents’ contents. Cybersecurity experts found no obvious signs of forgery, though the SEA’s history of targeting Microsoft raised suspicions about the breach’s origin. The documents underscored the frequency of government data requests but lacked specifics about the type or volume of user information sought.
The incident highlighted legal but previously undisclosed costs associated with law enforcement surveillance. Advocacy groups reacted to the disclosures: Christopher Soghoian of the ACLU stated such fees created accountability for government requests, while the EFF’s Nate Cardozo argued taxpayers deserved transparency about these expenditures. DITU’s role as the FBI’s liaison to tech firms, akin to the NSA’s function, drew attention due to its low public profile. Broader context emerged from comparisons to other agencies, including CIA payments to AT&T for phone records and NSA compensation to tech companies for compliance. The breach raised concerns about Microsoft’s security protocols, as the SEA obtained the data without sophisticated methods. No remediation steps by Microsoft or the FBI were detailed in the report, though the incident amplified debates about surveillance costs and corporate-government financial relationships in data access operations.