James Martin | CNET
Two British men have been arrested by law enforcement after allegedly scheming to break into Microsoft systems in the quest for customer data.
Detectives from the South East Regional Organised Crime Unit (Serocu) said on Thursday that two warrants were issued for the men for conspiracy to gain unauthorized access to the Microsoft network.
The first suspect, a 22-year-old from Lincolnshire, has been arrested, alongside a 25-year-old from Bracknell.
The duo has been arrested on suspicion of gaining unauthorized access to a computer, as well as offenses under the UK’s Computer Misuse Act.
Law enforcement says an investigation leading to the arrests is related to “unauthorized intrusion into networks belonging to Microsoft,” and the men repeatedly tried to infiltrate the Redmond giant’s networks between January and March this year.
The men are allegedly part of a wider ring of cybercriminals all with Microsoft data in their sights.
“This group is spread around the world and therefore the investigation is being coordinated with our various partners,” Detective Sergeant Rob Bryant from Sercou’s Cyber Crime Unit said. “We’ve made two arrests in the UK this morning and have seized a number of devices.”
“We are still in the early stages of this investigation and will work with our partners to ensure that cyber criminals have no place to hide,” Bryant added.
Microsoft has confirmed that the attempts have been thwarted and no customer information has been accessed, stolen, or leaked.
Sercou, the East Midlands Special Operations Unit (EMSOU), Microsoft’s cyber team, the FBI, Europol and the NCA’s National Cyber Crime Unit (NCCU) are collaborating throughout the investigation.
“Today’s action by authorities in the UK represents an important step,” Tom Burt Microsoft’s vice president told the BBC. “Stronger internet security depends on the ability to identify and prosecute cybercriminals. This requires not only a strong technical capability, but the willingness to acknowledge issues publicly and refer them to law enforcement. No company is immune from cybercrime. No customer data was accessed, and we’re confident in the integrity of our software and systems.”
The pair remain in police custody.
Earlier this month, Europol swooped in on a cybercriminal ring offering tools for circumventing antivirus software. Law enforcement says the gang specialized in ways to smuggle malware into legitimate-looking systems.