On Friday, Microsoft admitted that “a select number” of employees fell victim to a successfully-executed highly-targeted spear phishing attacks via social media and e-mail accounts. The company says the attackers went after “documents associated with law enforcement.”

“While our investigation continues, we have learned that there was unauthorized access to certain employee e-mail accounts, and information contained in those accounts could be disclosed,” Adrienne Hall, general manager of the Trustworthy Computing Group at Microsoft, wrote on Friday.

“It appears that documents associated with law enforcement inquiries were stolen. If we find that customer information related to those requests has been compromised, we will take appropriate action. Out of regard for the privacy of our employees and customers—as well as the sensitivity of law enforcement inquiries—we will not comment on the validity of any stolen e-mails or documents.”

In March 2013, Microsoft released its first transparency report, noting that it had received over 70,000 law enforcement requests in 2012.

Hall also told SecurityWeek that these phishing attacks “are related” to recent attacks claimed by the Syrian Electronic Army.

Back in 2011, a phishing attack also targeted RSA employees, which resulted in the theft of proprietary data that ultimately resulted in the weakening of SecurID.