Microsoft pledged on Wednesday to notify people with Microsoft accounts (which include Outlook.com emails and OneDrive) if it believes those accounts have been targeted or hacked by people working on behalf of a nation or state.
In a blog post on the Microsoft website, Microsoft executive Scott Charney said the company is “taking this additional step” if it has evidence that the attacker may be state-sponsored “because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.”
He added that the notifications “do not mean that Microsoft’s own systems have in any way been compromised,” and if a customer receives such a notification it doesn’t mean they have been hacked. Rather, it means Microsoft has evidence their account has been targeted, and the user should increase the security settings on their accounts.
Microsoft already notifies account holders if it believes they have been targeted or compromised by third parties, but until now, it has not informed users of possible state-sponsored attacks.