British police have arrested two men in their twenties over an alleged plot to hack into Microsoft's network.
Detectives from the South East Regional Organised Crime Unit (SEROCU) carried out raids which led to the arrest of a 22-year-old from Sleaford and a 25-year-old from Bracknell in the UK yesterday.
“After speaking with Microsoft, we can confirm they did not gain access to customer information. It is too early to speculate on what information the group has accessed,” said Detective Sergeant Rob Bryant.
It is believed that the men were involved in repeated attempts to infiltrate the American software giants network between January and March this year.
Both were charged under the UK's Computer Misuse Act that criminalises unauthorised access to computers.
SEROCU said the pair were part of a larger group that was plotting the cyber-intrusion into the software giant's systems, seeking to steal customer data.
“We are working closely with our colleagues in EMSOU (East Midlands Special Operations Unit), Microsofts cyber team, the FBI, EUROPOL and the NCAs National Cyber Crime Unit (NCCU) to investigate these offences. This group is spread around the world and therefore the investigation is being coordinated with our various partners,” Bryant said, adding that a number of devices have been seized as part of the investigation and thetwo men remain in police custody.
Tom Burt, Microsoft's vice-president and deputy general counsel of the Digital Crimes Unit told the BBC: “Today's action by authorities in the UK represents an important step. Stronger internet security depends on the ability to identify and prosecute cybercriminals.
“This requires not only a strong technical capability, but the willingness to acknowledge issues publicly and refer them to law enforcement. No company is immune from cybercrime. No customer data was accessed, and we're confident in the integrity of our software and systems.
“We have comprehensive measures in place to prevent, detect, and respond to attacks. We also have specialist teams focused on working with law enforcement to identify people who attack either us or our customers, and we're committed to fast and effective action against attackers.”