According to a report from the South East Regional Crime Unit, law enforcement in Britain arrested two men for their involvement in a conspiracy to hack into Microsoft networks. SEROCU reported an investigation into an “unauthorised intrusion into networks that Microsoft owns.” The breach occurred sometime between January and March, sources wrote.
Police in Britain, during a raid connected to the instigation, seized “a number of devices.” The device’s and their contents (assuming some of the devices are digital storage mediums) were not revealed after the raid. In fact, the majority of the case itself has been keys under wraps from the very start. Even the specific networks that the two men breached have not been revealed. The only part released by authorities was the connection to Microsoft networks.
Detective Sgt. Rob Bryant of SEROCU’s Cyber Crime Unit, said that the case is being investigated by the FBI, Microsoft, Europol, and NCA’s National Cyber Crime Unit. SEROCU and the East Midlands Special Operations Unit also executed the UK warrants and helped in the investigation. “This group is spread around the world and therefore the investigation is being coordinated with our various partners,” a SEROCU detective said. He added that “it is too early to speculate on what information the group has accessed.”
The first suspect, a 22-year-old, allegedly accessed a computer that he was unauthorized to access. The second, a 25-year-old, violated the Computer Misuse Act. The specifics of their crimes, as with much of the case, is private information—as of this update. Microsoft commented, however, reading the public that this hacking group had not accessed any user information.
“Today’s action by authorities in the UK represents an important step… Stronger internet security depends on the ability to identify and prosecute cybercriminals,” a Microsoft spokesperson told BBC. “This requires not only strong technical capability but the willingness to acknowledge issues publicly and refer them to law enforcement,” they said. “No customer data was accessed and we are confident in the integrity of our software and systems. We have comprehensive measures in place to prevent, detect and respond to attacks,” the statement concluded.
With worldwide law enforcement agencies investigating the case and more “group” members in existence, more arrests would be of no surprise. The information accessed, if not linked to customers, was not shared by the hacking group either. Both Microsoft and law enforcement spoke as if the beach itself may not have been successful. Although, given the charges both men face, they likely accessed private networks—there is a significant chance that they were unable to find the data they had set out to find.