Syrian hackers allege FBI pays Microsoft hundreds of thousands to access customer data

SEA reckons taxpayers are unwittingly funding government snooping operation

Hacker group the Syrian Electronic Army (SEA) alleges it has stolen documents that prove the FBI regularly pays Microsoft hundreds of thousands of dollars for access to its customer data.

This would effectively mean US taxpayers are funding their government to spy on them, to the tune of $100 per individual information request.

Quoted figures from the billing document include a total of $145,100 taken in December 2012, $352,200 in August 2013 and $281,000 in November 2013.

The figures are said to have come from emails and invoices sent between Microsoft's Global Criminal Compliance team and the FBI's Digital Intercept Technology Unit (DITU).

The payments, it seems, relate to "compliance costs" rather than any kind of selling of data - i.e. Microsoft would still be legally obliged to surrender the data, as confirmed by the US federal courts in late 2013 after such government activity was called into question following revelations about the PRISM program by NSA whistleblower Edward Snowden.

It is so far unknown whether the SEA's documents are authentic, but the SEA has a recent history of hacking attacks on Microsoft, including one that the company admitted to two weeks ago on its Technet blog.

Citing "a select number of Microsoft employees' social media and email accounts... subjected to targeted phishing attacks," the company stated email accounts were accessed, and that "information contained in those accounts could be disclosed".

If the documents are legitimate, the implication is that Microsoft and the FBI are using mere email to transmit financial information that would be expected to be shared far more securely.