Microsoft update: Users of company's online services to get notified of state-sponsored hacking


Microsoft, the biggest software company in the world, is adding another step in their online services security system to help users ensure that their personal information are kept safe and confidential. 

The tech giant has already been notifying users of email and OneDrive storage if their accounts have been hacked or compromised. But with the added step in their security protocol, users will be informed if the hacking involves a nation. 

In a blog post published on Dec. 30, Corporate Vice President for Trustworthy Computing Scott Charney wrote: “We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be ‘state-sponsored’ because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.” 

However, getting notified of a potentially state-sponsored attack does not necessarily mean that the company’s own security systems have been compromised. Additionally, it is not immediately conclusive that the user’s account has been jeopardized. 

“…[But] it does mean we have evidence your account has been targeted, and it’s very important you take additional measures to keep your account secure,” added Charney.

These additional measures that must be taken by users include turning on Microsoft’s two-step verification, using a strong password combination and changing it often, running an updated antivirus program, and being mindful of accessing suspicious emails and websites.

Microsoft was the fourth tech giant to implement this policy change. Google has already been doing this security standard since June 2012. Facebook announced the same policy in October 2015, and Twitter has begun sending notifications to its members in December 2015.

The policy update coincides with a Reuters special report that cites former Microsoft employees saying [the company] decided not to tell users including international leaders of China’s Tibetan and Uighur minorities that Chinese authorities had hacked into their accounts.