Discussion in 'Article Discussion' started by bit-tech, 15 Apr 2019.
Bloody hell, 3 months?! Did they really actually detect the compromised account, or was that just how long it took for the password to autoexpire?
And why on earth would a 'support agent' have direct access to personal information in the first place, rather than via a separate-account-checkout system?
Article updated: turns out around six percent of affected accounts could have their entire email contents read, in contrast to Microsoft's initial statement on the matter.
Why on earth weren't they using their own MFA either?!?!?, GG M$
Separate names with a comma.