Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Microsoft knows which accounts were targeted by the attacker. They say so in the first link: "Our telemetry and investigations indicate that post-compromise activity was limited to email access and exfiltration for targeted users." Therefore, no, it is hyperbole that this attack means any and all MS data is compromised.

The key that was compromised from one MS engineer was used in conjunction with a specific bug - crash dumps were including secret keys, accessible on a debug environment -, this is not how the system is intended to work at all and they implemented measures to fix it. So this is another hyperbole from the original post.



via the state department, they know which emails in outlook for the state dept were compromised by their access patterns.

That's the access patterns of a single application for a single user. They know absolutely nothing about what's happened to their infrastructure.


If you would read the first link, you would see that what you're claiming is unsubstantiated. They could track it to a great level of detail because they identified the threat vector and patched it quickly.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: