Microsoft Gives FBI BitLocker Keys for Guam Fraud Laptops

Microsoft has provided U.S. federal agents with the digital keys to unlock three encrypted laptops. These devices are reportedly linked to a massive COVID unemployment fraud scheme in Guam.

This case shows how cloud-stored encryption keys can help law enforcement, but also raises big privacy worries for everyday users.

Early last year, in 2025, FBI investigators in Guam got a search warrant for Microsoft. They wanted recovery keys for three laptops tied to a plot stealing funds from the island’s COVID relief program.

Crooks had handled unemployment aid and pocketed millions. The laptops held proof of the crime, but strong encryption blocked access.

BitLocker, Microsoft’s built-in tool on many Windows PCs, locked the data tightly. It scrambles files so only the right key can unscramble them. Without it, the drives stay sealed even from owners who forget passwords.

How BitLocker Keys Work and the Cloud Risk

BitLocker turns on automatically on newer Windows devices to protect hard drives. Users pick where to save the 48-digit recovery key:

• On a USB drive or printed paper, they control.
• Or in Microsoft’s cloud servers for easy access.

Storing in the cloud helps if you lock yourself out after wrong password tries. But it opens a backdoor. Law enforcement can demand the key with a valid warrant, and Microsoft must hand it over.

In Guam, that’s exactly what happened. Agents got the keys and cracked the laptops open.

Microsoft told Forbes it follows legal orders for BitLocker keys. Spokesperson Charles Chamberlayne said: “While key recovery offers convenience, it also carries a risk of unwanted access, so Microsoft believes customers are in the best position to decide… how to manage their keys.”

The company gets about 20 such requests yearly. Often, it can’t help because users didn’t save keys in the cloud. Microsoft urges people to think twice about cloud storage for max privacy.

This isn’t new; tech giants like Apple and Google face similar demands. But it spotlights BitLocker’s double edge: great protection from hackers, yet vulnerable to government subpoenas.

Experts say: Export your key offline. Use hardware like YubiKey for better security. As scams evolve, balancing convenience and privacy remains key.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.