На информационном ресурсе применяются рекомендательные технологии (информационные технологии предоставления информации на основе сбора, систематизации и анализа сведений, относящихся к предпочтениям пользователей сети "Интернет", находящихся на территории Российской Федерации)

Feedbox

12 подписчиков

Microsoft Email Hack Shows the Lurking Danger of Customer Support

Author: Lily Hay Newman / Source: WIRED

Getty Images

On Friday night, Microsoft sent notification emails to an unknown number of its individual email users—across Outlook, MSN, and Hotmail—warning them about a data breach. Between January 1 and March 28 of this year, hackers used a set of stolen credentials for a Microsoft customer support platform to access account data like email addresses in messages, message subject lines, and folder names inside accounts.

By Sunday, it acknowledged that the problem was actually much worse.

After tech news site Motherboard showed Microsoft evidence from a source that the scope of the incident was more extensive, the company revised its initial statement, saying instead that for about 6 percent of users who received a notification, hackers could also access the text of their messages and any attachments. Microsoft had previously denied to TechCrunch that full email messages were affected.

It may seem odd that a single set of customer support credentials could be the keys to such a massive kingdom. But within the security community, customer and internal support mechanisms are increasingly seen as a potential source of exposure. On the one hand, support agents need enough account or device access to be able to actually help people. But as the Microsoft incident shows, too much access in the wrong hands can cascade into a dangerous situation.

“We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access,” a Microsoft spokesperson told WIRED. The company says that “out of an abundance of caution” it has increased threat monitoring for accounts impacted by the breach. Microsoft would not comment to WIRED on the scale of the attack or provide the total number of impacted accounts.

Without more…

Click here to read more

The post Microsoft Email Hack Shows the Lurking Danger of Customer Support appeared first on FeedBox.

Ссылка на первоисточник

Картина дня

наверх