Microsoft has filed a complaint at a federal court in Washington accusing a Comcast subscriber of activating various pirated copies of its software. The account was identified by Microsoft's in-house cyberforensics team which logs suspicious "activation patterns."

Traditionally, Microsoft isn’t known for going after people who use pirated copies of Windows, but every now and then the company draws a line in the sand.

Late last week Microsoft filed a copyright infringement lawsuit against a person, or persons, who activated pirated copies of Windows 7, Windows 8, Windows Server and Office 10 from a Comcast Internet connection.

The software company has a specialized cyberforensics department which analyzes activation logs to detect activation patterns and characteristics which make it likely that certain IP-addresses are engaged in unauthorized copying.

“Cyberforensics allows Microsoft to analyze billions of activations of Microsoft software and identify activation patterns and characteristics that make it more likely than not that the IP address associated with the activations is an address through which pirated software is being activated,” the company writes in its complaint.

Generally speaking, one person who activates a pirated copy of Windows has little to worry about. Microsoft will log those IP-addresses but has shown little interest in going after casual pirates.

However, in this case the company noticed that a lot of suspicious activity was coming from a single Comcast connection.

“Microsoft’s cyberforensics have identified several thousand product key activations originating from IP address 173.11.224.197, which is presently assigned to Comcast Cable Communications,” Microsoft writes.

“On information and belief, each of these activations and attempted activations constitutes the unauthorized copying of Microsoft software, in violation of Microsoft’s software licenses and its intellectual property rights.”

According to the complaint the suspicious keys were likely stolen from Microsoft’s supply chain and used more often than permitted by the company.

In order to pinpoint the culprit, Microsoft has asked the court for a subpoena to identify the Comcast subscriber in question. It then hopes to recoup some of its claimed losses by requesting both actual and statutory damages.

From the descriptions used in the complaint it seems likely that the target is a company, rather than an individual user. Microsoft previously filed similar cases where the defendants turned out to be computer-related businesses.

The full compliant is available here.