Microsoft handed over encryption keys for its hard drive encryption software BitLocker to the FBI last year, complying with a search warrant tied to a fraud investigation in Guam. This marks the first known case of the tech giant providing BitLocker recovery keys to law enforcement.
Forbes reported on Friday that Microsoft turned over recovery keys for BitLocker, allowing the FBI to access data stored on three seized laptops. BitLocker comes enabled by default on many Windows PCs and is designed to encrypt a computer’s data in case it’s lost or stolen.
BitLocker encryption can be unlocked using a recovery key stored locally on a user’s device, but Microsoft also encourages users to back up their recovery keys to the cloud. That backup can make data recovery easier if a user forgets their password, but it also creates a pathway for law enforcement and potentially hackers to access a user’s data.
Microsoft did not immediately respond to a request for comment from Gizmodo. However, a spokesperson told Forbes that “While key recovery offers convenience, it also carries a risk of unwanted access, so Microsoft believes customers are in the best position to decide… how to manage their keys.”
He added that Microsoft receives roughly 20 requests for BitLocker recovery keys each year, but is unable to comply in cases where the keys are not backed up in the cloud.
The specific request cited in the report comes from a federal investigation into a fraud ring tied to the Pandemic Unemployment Assistance program in Guam. Several people were charged in the case, including family members of the island’s Lieutenant Governor, Josh Tenorio.
Local news outlets reported last summer that unsealed search warrants revealed that investigators were seeking BitLocker recovery keys for three computers seized during an FBI raid of a business owned by the lieutenant governor’s sister, Charissa Tenorio. The records show that Microsoft complied with the request on February 10, 2025.
Beyond this specific case, the news has raised alarms among the cybersecurity community. Matthew Green, a cryptography expert at Johns Hopkins, took to Bluesky to share his concerns over how easy it seemed to be for authorities to obtain the keys.
“Once upon a time you could assume (mostly) that any Federal law enforcement agency doing this would be operating within the bounds of the law. Nowadays, who knows. I sure wouldn’t want to be a journalist relying on Bitlocker,” Green wrote, linking to a news article about an FBI raid on the home of Washington Post reporter Hannah Natanson.
He also warned that the ease with which Microsoft was able to hand over the keys means that “anyone who compromises their cloud infrastructure (and customer service infrastructure, or can forge a plausible LE request) can potentially access that data.”
Read the full article here
