Microsoft to Notify Users Targeted by Governments

Advertising Disclosure: When you buy something by clicking links on our site, we may earn a small commission, but it never affects the products or services we recommend.

Image Not Available

Microsoft is now notifying individuals when the company believes their user accounts have been targeted by a government.

Currently, the software company notifies users if it “believe[s] their accounts have been targeted or compromised by a third party.” Now, Microsoft will specify when it believes the third party is state-sponsored.

The change applies to accounts for Microsoft services such as email and OneDrive cloud storage.

Scott Charney, corporate vice president of Trustworthy Computing at Microsoft, explains in a blog post published Wednesday:

We’re taking an additional step today. We will now notify you if we believe your account has been targeted or compromised by an individual or group working on behalf of a nation state. …

We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be “state-sponsored” because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.

Microsoft will not provide users with detailed information about the attackers or their methods, however, since evidence the company collects as part of an active investigation might be sensitive.

Receiving notification from Microsoft does not necessarily mean the applicable user account has been hacked into, however. It means:

  • Microsoft has evidence the user’s account has been targeted.
  • It’s urgent that the user act to secure the account, including ensuring the user’s computer and other devices are free of viruses and malware and that software is up to date.

Steps that Microsoft recommends that everyone take to help keep their accounts secure include enabling two-step verification and using a strong password and changing it often.

Reuters reports that Microsoft’s “policy change comes nine days after Reuters asked the company why it had decided not tell victims of a hacking campaign, discovered in 2011, that had targeted international leaders of China’s Tibetan and Uighur minorities in particular.”

Microsoft explains in a statement to Reuters:

“As the threat landscape has evolved our approach has too, and we’ll now go beyond notification and guidance to specify if we reasonably believe the attacker is ‘state-sponsored.'”

What’s your take on this? Sound off in our Forums. It’s the place where you can speak your mind, explore topics in-depth, and post questions and get answers.

Get smarter with your money!

Want the best money-news and tips to help you make more and spend less? Then sign up for the free Money Talks Newsletter to receive daily updates of personal finance news and advice, delivered straight to your inbox. Sign up for our free newsletter today.