Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

The Threat Actor 888 claimed a compromise against Microsoft

Pietro Melillo : 10 July 2024 11:40

On July 9, 2024, a user known as “888” posted on BreachForums claiming to have leaked sensitive data of Microsoft employees. This alleged breach has exposed personal information of 2,073 company employees, reportedly due to a flaw in a third-party system.

Details of the Breach

According to the post published by “888,” the compromised data includes:

  • Full Name
  • Job Title
  • Email
  • Email Verification Status
  • Direct Phone Number
  • Corporate Phone Number
  • Industry
  • Person LinkedIn URL
  • Company Website
  • Person City, State, and Country of Residence
  • Company Phone Number

The extent of the breach is significant, as the disclosed information can be used for a range of malicious activities, including phishing, fraud, and targeted attacks.

Situation Analysis

At the moment, we cannot precisely confirm the veracity of the breach. Microsoft has not released any official press statement on its website regarding the incident. The lack of an official statement makes it difficult to verify the authenticity of the data published by “888.”

However, the post on BreachForums has attracted the attention of the cybersecurity community and experts in the field, who are closely monitoring the situation. The speed at which this data could be used for malicious purposes underscores the importance of a timely and transparent response from Microsoft.


The potential attack on Microsoft, claimed by the malicious actor “888,” is a clear warning signal for all companies regarding the vulnerability of their data.

As is our practice, we always leave room for a statement from the company should they wish to provide updates on the matter. We would be happy to publish such information with a specific article highlighting the issue.

RHC will monitor the evolution of the case to publish further news on the blog, should there be substantial developments. If there are any individuals informed about the facts who wish to provide information anonymously, they can use the whistleblower’s encrypted email.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"