A brief on the Microsoft breach
A Microsoft research group released a post on the data breach near the end of last week. The analysis involved a thorough scrutinization of the credentials used on Microsoft services from January to March 2019. These credentials were compared with over 3 billion credentials found to have been hacked via third-party sources. The analysis indicated the leak of the credentials of 44 million Microsoft and Azure AD (Active Directory) users owing to security negligence.
The report pointed out the riskiest part of this threat: the usage of the same credentials on other platforms in an attempt to find a match. Following the breach, Microsoft issued a mandatory password reset to users whose credentials had been breached.
Microsoft had some suggestions for users to keep in mind when creating passwords. The report noted, “Given the frequency of passwords being reused by multiple individuals, it is critical to back your password with some form of strong credential.” It added, “Microsoft also offers solutions to protect customers from breach replay attacks. This includes capabilities to flag users as high risk and inform the administrator to enforce a password reset.”
What happened with other tech giants?
TechCrunch reported a huge data breach of several subscribers, including the customers of AT&T and T-Mobile, in early December. The breach happened as a result of a third-party contractor’s neglect in storing information. As per the Fidus Information Security report, the breach involved information that was available on a vulnerable cloud server provided by Amazon Web Services. In fact, there was a leak of about 261,300 documents, according to the TechCrunch report. The exposed data involved customer names, addresses, bank statements, phone numbers, passwords, and PIN numbers, among other information.
Interestingly, AT&T faced a similar data breach incident in 2015. A severe breach also caused Google to close down its social networking platform, Google+, in 2018.
Data breach’s impact on Microsoft stock’s performance
Microsoft stock seems indifferent to the news of the data breach. Since December 2, the stock has gained more than 1.6%. Year-to-date, it’s up more than 50%. The stock is delivering nearly double the returns of the S&P 500.