Software giant Microsoft on Monday has vowed that it will notify its users if the company believes that the email accounts of the users were targeted by the government for hacking, spying or other similar reasons.
The company said that users will be notified should there be an unauthorized access to their Outlook email accounts and OneDrive files. It was said that the company will also state categorically whether such intrusion is state-sponsored or not, a report from iDigital Times said.
Microsoft's decision comes after a Reuters report revealed that Hotmail accounts of more than a thousand users have been comprised after these accounts have been hacked by the Chinese government. It was said that the company opts not to reveal the personal information of the users. Some of the victims include several international leaders both from "the Uighur and Tibetan communities, African and Japanese diplomats" and some are prominent human rights lawyers.
"Microsoft was first notified of the attacks by the team at Trend Micro, after which, Microsoft launched its own investigation. Once the reports were verified, the company forced targeted users to reset their passwords. The company never explained, however, the reason password resets were required. While Microsoft claims the password resets were the fastest way to fix the problem, Microsoft neglected to disclose those details because they feared angering the Chinese government," the report said.
"We're taking this additional step of specifically letting you know if we have evidence that the attacker may be "state-sponsored" because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft's own systems have in any way been compromised," Microsoft VP Scott Charney said in a statement as quoted in Engadget.
"Our focus is on helping customers keep personal information secure and private. Our primary concern was ensuring that our customers quickly took practical steps to secure their accounts, including by forcing a password reset. We weighed several factors in responding to this incident, including the fact that neither Microsoft nor the U.S. Government were able to identify the source of the attacks, which did not come from any single country. We also considered the potential impact on any subsequent investigation and ongoing measures we were taking to prevent potential future attacks," he added.
