Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects’ laptops: Studies

Microsoft offered the FBI with the restoration keys to unlock encrypted knowledge on the exhausting drives of three laptops as a part of a federal investigation, Forbes reported on Friday.

Many fashionable Home windows computer systems depend on full-disk encryption, known as BitLocker, which is enabled by default. This kind of expertise ought to forestall anybody besides the machine proprietor from accessing the info if the pc is locked and powered off. 

However, by default, BitLocker restoration keys are uploaded to Microsoft’s cloud, permitting the tech large — and by extension legislation enforcement — to entry them and use them to decrypt drives encrypted with BitLocker, as with the case reported by Forbes.

The case concerned a number of folks suspected of fraud associated to the Pandemic Unemployment Help program in Guam, a U.S. island within the Pacific. Native information outlet Pacific Day by day Information coated the case final 12 months, reporting {that a} warrant had been served to Microsoft in relation to the suspects’ exhausting drives. Kandit Information, one other native Guam information outlet, additionally reported in October that the FBI requested the warrant six months after seizing the three laptops encrypted with BitLocker. 

A spokesperson for Microsoft didn’t instantly reply to a request for remark by information.killnetswitch. Microsoft instructed Forbes that the corporate typically offers BitLocker restoration keys to authorities, having obtained a mean of 20 such requests per 12 months. 

Aside from the privateness dangers of handing restoration keys to an organization, Johns Hopkins professor and cryptography skilled Matthew Inexperienced raised the potential situation the place malicious hackers compromise Microsoft’s cloud infrastructure — one thing that has occurred a number of instances in recent times — and get entry to those restoration keys. The hackers would nonetheless want bodily entry to the exhausting drives to make use of the stolen restoration keys.

“It’s 2026 and these considerations have been identified for years,” Inexperienced wrote in a submit on Bluesky. “Microsoft’s incapacity to safe essential buyer keys is beginning to make it an outlier from the remainder of the trade.”