Friday, July 12, 2024
21 C
Johannesburg

Microsoft’s Whispers of Russian Espionage Exposed: The Great Phish-Out


Microsoft’s Bungled Notification of Russian Hack Exposes Customers to Further Risk

In a shocking display of incompetence, Microsoft has been accused of sending out emails to customers affected by the Russian government hack, "Midnight Blizzard" (or APT29), that look suspiciously like phishing attempts. The emails, which are supposed to inform customers of the breach and the potential theft of their data, have been flagged by experts as potentially malicious.

The notifications, which were sent out months after the initial breach, have been criticized for being vague and lacking in detail. Instead of providing clear instructions on what to do next, the emails include a "secure link" to a domain that bears no apparent connection to Microsoft. This has led many customers to question the legitimacy of the email and wonder if it’s just a clever phishing attempt.

Kevin Beaumont, a former Microsoft employee and cybersecurity researcher, has been warning companies to be on the lookout for these emails, which he claims are not following standard protocol. "Microsoft had a breach by Russia impacting customer data and didn’t follow the Microsoft 365 customer data breach process," he wrote on LinkedIn. "The notifications aren’t in the portal, they emailed tenant admins instead."

But it’s not just Beaumont who’s sounding the alarm. A cybersecurity consultant has come forward to say that several of his clients received the email and were all worried it was a phishing attempt. "At first glance, this did not inspire trust for the recipients, who started asking in forums or reaching out to Microsoft account managers to eventually confirm that the email was legitimate…weird way for a provider like this to communicate an important issue to potentially affected customers," he wrote.

The lack of transparency and clear communication from Microsoft has left customers feeling vulnerable and exposed. With the Russian government hack still fresh in their minds, it’s unacceptable that Microsoft is not taking more concrete steps to protect their customers’ data.

Contact Us

Do you have more information about this Microsoft incident? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or email lorenzo@techcrunch.com. You also can contact TechCrunch via SecureDrop.



Source link

Hot this week

Social Chaos: Online Anarchy Awaits With X’s ‘Dislike’ Button

ELON MUSK'S TWITTER DOWNVOTING FEATURE IS JUST THE...

Bayport Cracks Down on Debt in Africa

EXPOSING THE DARK UNDERBELLY OF BAYPORT MANAGEMENT LTD'S...

Google’s Pixel 9 Pro: The Revolutionary Failure

It’s a day that ends in Y, which...

Your ‘Security’ is a Lie: It’s Already Compromised

The Dirty Little Secret of Network Security: Why...

Millions of Innocent People Compromised by Stealthy Spyware

The Unholy Alliance: Spyware Empire Exposed Deep within the...

Topics

Social Chaos: Online Anarchy Awaits With X’s ‘Dislike’ Button

ELON MUSK'S TWITTER DOWNVOTING FEATURE IS JUST THE...

Bayport Cracks Down on Debt in Africa

EXPOSING THE DARK UNDERBELLY OF BAYPORT MANAGEMENT LTD'S...

Google’s Pixel 9 Pro: The Revolutionary Failure

It’s a day that ends in Y, which...

Your ‘Security’ is a Lie: It’s Already Compromised

The Dirty Little Secret of Network Security: Why...

Millions of Innocent People Compromised by Stealthy Spyware

The Unholy Alliance: Spyware Empire Exposed Deep within the...

Goldmine of Secrets: Sibanye-Stillwater’s IT Systems Hacked

CYBER WARFARE: Sibanye-Stillwater Joins the Ranks of South...

Arm’s Betrayal: The Secret Weapon to Make Your Mobile Phone’s Graphics Obsolete

ARM's Insidious Plot to Ruin Mobile Gaming Revealed:...

The Iphone King’s Folly

APPLE'S VISION PRO: A MASSIVE FAILURE LOOMS The tech...
spot_img

Related Articles

Popular Categories

spot_imgspot_img