We’re committed to helping our users keep their personal information secure and private. A key part of our work is identifying and preventing unauthorized access to your Microsoft Account (including Outlook.com email and OneDrive) by anyone other than you.
We’re taking an additional step today. We will now notify you if we believe your account has been targeted or compromised by an individual or group working on behalf of a nation state.
We already notify users if we believe their accounts have been targeted or compromised by a third party, and we provide guidance on measures users can take to keep their accounts secure. We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be “state-sponsored” because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft’s own systems have in any way been compromised.
If you receive one of these notifications it doesn’t necessarily mean that your account has been compromised, but it does mean we have evidence your account has been targeted, and it’s very important you take additional measures to keep your account secure. You should also make sure your computer and other devices do not have viruses or malware installed, and that all your software is up to date.
The evidence we collect in any active investigation may be sensitive, so we do not plan on providing detailed or specific information about the attackers or their methods. But when the evidence reasonably suggests the attacker is “state sponsored,” we will say so.
There are some important steps that everyone should take to help keep their Microsoft Account and their online personal information secure including:
- Turn on two-step verification: This makes it harder for hackers to access your account even if they guess your password because if they try to sign in on a device Microsoft doesn’t recognize, we’ll ask for an extra security code (which you can get from a special app on your phone, sent to a different email address or via SMS text message).
- Use a strong password and change it often: Make sure your password contains a mix of letters, numbers and symbols, isn’t a complete word and is different than the password you use on other sites. Be sure to change your password often.
- Watch for suspicious activity on your account: The “Recent Activity” page on your Microsoft Account shows recent sign-ins and changes to your account, and allows you to let Microsoft know if you were not the person making these changes.
- Be careful of suspicious emails and websites: Don’t open emails from unfamiliar senders or email attachments that you don’t recognize. Be careful when downloading apps or files from the Internet, and make sure you know the source.
- Keep your computer software, including your Web browser, up to date and run an up-to-date anti-virus program: For Windows PCs, you should turn on Windows Update to ensure your PC and Microsoft software stay up to date. You should install a reputable anti-virus/ anti-malware software. Both Windows 8.1 and Windows 10 already include free anti-malware software called Windows Defender.
You can read more about the steps you can take to better protect your personal data and make any necessary changes on the Microsoft Account Security Page.