Microsoft's BitLocker Encryption Keys Shared with the FBI
- Jan 25
Key Findings
The FBI obtained BitLocker encryption keys from Microsoft to access encrypted data on laptops seized during a fraud investigation in Guam.
Microsoft provides these recovery keys to law enforcement when presented with a valid legal order, as the keys are often backed up to users' Microsoft accounts by default.
This practice raises privacy concerns, as it allows authorities to bypass the encryption meant to protect users' data, even if the device owner has not knowingly shared the keys.
Cybersecurity experts warn that this could also expose users to risks if Microsoft's systems are breached, as hackers could potentially gain access to a large number of recovery keys.
Background
The case began in Guam, where federal agents were investigating a scheme to steal $2 million from a COVID-19 relief program. During the investigation, the FBI seized three laptops belonging to suspects Kathleen Peredo, Marleen Pinaula, and Charissa Tenorio, all of whom were accused of manipulating applications and submitting fraudulent claims.
Microsoft Provided BitLocker Keys
When the FBI attempted to access the seized laptops, it found them protected by BitLocker, Microsoft's full-disk encryption tool. Instead of trying to break the encryption, the FBI obtained a search warrant and simply requested the BitLocker recovery keys from Microsoft.
Privacy Concerns Raised
This practice, while legal, has raised concerns among cybersecurity experts and privacy advocates. By default, BitLocker recovery keys are often backed up to users' Microsoft accounts, allowing the company to provide them to law enforcement when presented with a valid court order.
Potential Risks
The ability of authorities to bypass BitLocker encryption by obtaining the recovery keys from Microsoft raises the possibility that hackers could also gain access to these keys if they manage to compromise Microsoft's systems. This could allow them to decrypt data on seized devices, even if the owner has not knowingly shared the keys.
Experts' Recommendations
To regain control over their data privacy, experts suggest that users opt out of automatically backing up their BitLocker recovery keys to their Microsoft accounts. Instead, they recommend storing the keys on a physical USB drive or printing them out and keeping them in a secure location.
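The following PowerShell is an added illustration of the steps the experts describe; it is not code from the article or from any of the sources it cites. Run in an elevated session on the device, it lists the key protectors on the system drive, replaces the existing recovery password with a freshly generated one (so that a copy previously backed up to a Microsoft account no longer matches the drive), and writes the new one to a removable drive. The drive letters (C: for the OS volume, E: for the USB stick) and the output folder are assumptions; the built-in BitLocker PowerShell module is used throughout.

```powershell
# Added example (not from the article): rotate the BitLocker recovery password on the
# OS drive so that any copy escrowed earlier to a Microsoft account no longer matches,
# and keep the new one offline on removable media. Run as administrator.
# Assumptions: OS volume C:, removable drive E:, built-in BitLocker module available.

$MountPoint = "C:"
$BackupDir  = "E:\BitLockerRecovery"   # assumed USB-stick path; adjust to your device

# 1. Audit: which key protectors currently exist on the drive?
$vol = Get-BitLockerVolume -MountPoint $MountPoint
$vol.KeyProtector | Select-Object KeyProtectorType, KeyProtectorId | Format-Table -AutoSize

$oldRecovery = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq "RecoveryPassword" }
if (-not $oldRecovery) { Write-Warning "No recovery-password protector found; nothing to rotate."; return }

# 2. Add a new recovery password; Windows generates the 48-digit value locally.
$vol = Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector
$newRecovery = $vol.KeyProtector | Where-Object {
    $_.KeyProtectorType -eq "RecoveryPassword" -and $_.KeyProtectorId -notin $oldRecovery.KeyProtectorId
}

# 3. Save the new password offline BEFORE removing the old one, so the drive is
#    never left without a working recovery path.
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
$file = Join-Path $BackupDir ("BitLocker-" + $env:COMPUTERNAME + "-" + (Get-Date -Format "yyyyMMdd") + ".txt")
@(
    "Computer:      $env:COMPUTERNAME"
    "Drive:         $MountPoint"
    "Protector ID:  $($newRecovery.KeyProtectorId)"
    "Recovery key:  $($newRecovery.RecoveryPassword)"
) | Set-Content -Path $file
Write-Host "New recovery password written to $file - open the file and verify it before continuing."

# 4. Remove the old recovery-password protector(s). A copy of the old password held
#    anywhere else (including an online backup) can no longer unlock this drive.
foreach ($p in $oldRecovery) {
    Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $p.KeyProtectorId | Out-Null
}

# 5. Confirm the final protector set.
(Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
    Select-Object KeyProtectorType, KeyProtectorId | Format-Table -AutoSize
```

Rotating the password does not delete the copy already stored online; that entry has to be removed separately in the Microsoft account's recovery-key page, and it is worth re-checking that page afterwards in case a linked account backs the new key up again.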
Sources
https://hackread.com/fbi-windows-laptops-microsoft-bitlocker-recovery-keys/
https://techcrunch.com/2026/01/23/microsoft-gave-fbi-a-set-of-bitlocker-encryption-keys-to-unlock-suspects-laptops-reports/
https://www.windowscentral.com/microsoft/windows-11/microsoft-bitlocker-encryption-keys-give-fbi-legal-order-privacy-nightmare
https://www.tomshardware.com/tech-industry/cyber-security/microsoft-gave-customers-bitlocker-encryption-keys-to-the-fbi-redmond-confirms-that-it-provides-recovery-keys-to-government-agencies-with-valid-legal-orders