Microsoft pledged on Wednesday to notify people with Microsoft accounts (which include Outlook.com emails and OneDrive) if it believes those accounts have been targeted or hacked by people working on behalf of a nation or state.
In a blog post on the Microsoft website, Microsoft executive Scott Charney said the company is “taking this additional step” if it has evidence that the attacker may be state-sponsored “because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.”
He added that the notifications “do not mean that Microsoft’s own systems have in any way been compromised,” and if a customer receives such a notification it doesn’t mean they have been hacked. Rather, it means Microsoft has evidence their account has been targeted, and the user should increase the security settings on their accounts.
Microsoft already notifies account holders if it believes they have been targeted or compromised by third parties, but until now, it has not informed users of possible state-sponsored attacks.
Join the conversation on Facebook >>
The policy change comes days after Reuters reported that Microsoft did not tell customers of a Chinese state-sponsored hack from May 2011 that targeted international leaders of China’s Tibetan and Uighur minorities. Microsoft disputed the Reuters report, saying in a prepared statement that the company and the U.S. government was unable to identify the source of the attacks, "which did not come from any single country."
MORE BUSINESS NEWS