Microsoft has admitted that the hacking group known as the Syrian Electronic Army has accessed its internal email accounts.
Over the weekend before last, the SEA took over a pair of Microsoft Twitter accounts and an official blog – the second such attack against Microsoft by the hackers in the past two weeks.
Now, Microsoft has admitted that the SEA hackers not only hijacked external social media, but also managed to access employee email accounts.
"A social engineering cyber-attack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted," Microsoft admits in a statement sent to The Register.
"These accounts were reset and no customer information was compromised. We continue to take a number of actions to protect our employees and accounts against this industry-wide issue."
The SEA has previously interfered with social media accounts belonging to a host of major companies and media publishers, including The New York Times and Twitter itself.
However, the hacking group suggested Microsoft would continue to be a target, saying in a tweet: "We didn't finish our attack on Microsoft yet, stay tuned for more!"
The hackers have suggested in Twitter messages that Microsoft has been targeted because the SEA believes it's passing on user data to governments.