Microsoft Says 44 Million Customers Passwords Breached
Microsoft reported today that tens of millions of its customers are using log-ins that have previously been breached, putting themselves and their organization at risk of account takeover, the computing giant has revealed. After checking and analyzing a database containing 3 billion leaked credentials from security breaches, the Microsoft threat research team found that than 44 million of its customer user accounts had been compromised and had a serious security problem.
The study, conducted from January to March 2019, found that over three billion credentials known to have been stolen by hackers, using third-party sources such as law enforcement and public databases.
“The Microsoft identity threat research team checks billions of credentials obtained from different breaches (from multiple sources, including law enforcement and public databases) to look for compromised credentials in the Microsoft systems,” the tech giant said on Friday.
“As you can see on the right, so far, in 2019* the threat research team checked over 3 billion credentials and found a match for over 44 million Azure AD and Microsoft Services Accounts. For the leaked credentials for which we found a match, we force a password reset. No additional action is required on the consumer side. On the enterprise side, Microsoft will elevate the user risk and alert the administrator so that a credential reset can be enforced,” the team added.
“For the leaked credentials for which we found a match, we force a password reset. No additional action is required on the consumer side. On the enterprise side, Microsoft will elevate the user risk and alert the administrator so that a credential reset can be enforced,” it explained.
“Given the frequency of passwords being reused by multiple individuals, it is critical to back your password with some form of strong credential. Multi-Factor Authentication (MFA) is an important security mechanism that can dramatically improve your security posture.”
Microsoft claimed that 99.9% of identity attacks can be mitigated by turning on MFA. “Given the frequency of passwords being reused by multiple individuals, it is critical to back your password with some form of strong credential. Multi-Factor Authentication (MFA) is an important security mechanism that can dramatically improve your security posture. Our numbers show that 99.9% of identity attacks have been thwarted by turning on MFA,” Microsoft advised.