Home Page Navigation Contents Contact Sitemap Search
HomeNewsMicrosoft data leak

Microsoft data leak

250 million Microsoft support data have been publicly accessible in December, enabling fraudsters to potentially abuse these for phishing mails or telephone scams. Protect yourself!

Over the period from 5th to 31st December 2019, 250 million entries containing Microsoft customer support data have been left unprotected and publicly accessible. Once notified, Microsoft is said to have reacted and closed this data leak within 24 hours. Customer data affected are purportedly going back as far as 2005. They include chat recordings, e-mail addresses and location data.

The fear now is that fraudsters will be able to abuse this information to draw up plausible spamming or phishing mails. With Microsoft, it would also be conceivable that these data are used by telephone scammers. Fake telephone support by purported Microsoft support staff has been a perennial scam for years. So far it is not known whether any unauthorised people were able to access these data.

How to protect yourself:

  • Immediately terminate any unsolicited calls by purported Microsoft, other IT support company or financial institution employees. Never rely on a number shown on your telephone display to be actually correct.
  • Always call the official Microsoft, other IT support company or financial institution official telephone number in case of any support queries. These can be found on your bills or account statements.
  • Never disclose any confidential information, such as passwords, during telephone calls.
  • Never use any links you receive by e-mail, SMS or messenger services, or scan in any QR codes to log into a Microsoft, IT support company or your financial institution site.
  • Never fill in any forms received by e-mail asking you to enter log-in information.
  • Always enter the address for your online service provider or financial institution log-in page manually via the browser address line.
  • Check there is an SSL connection (https://, lock symbol) when calling up a log-in page, and verify that the Internet address shown in the address bar of your browser actually indicates that you have reached the correct page.

Additional information can also be found in our articles on phishing and fraudulent support calls.

Learn how to effectively protect yourself against Internet fraudsters by attending our course!

You might also be interested in these articles:

What else would you like to learn about security when e-banking?

Register for a course now
and learn more:

Online basic course

Find out about current Internet threats and some easy protective measures, and how to securely use e-banking.

further information

Online course mobile banking/payments

Find out about mobile banking, mobile payments and how to securely use these apps.

further information

Online course for the under-30s

Learn how to use your smartphone securely. Next to basics, we will show you what you should know about social media, clouds, mobile banking and mobile payments.

further information

Online course for SMEs

Is your organisation sufficiently secure? Learn which measures you can take to significantly strengthen your organisation’s IT security.

further information

Please remain careful in 2020, too!Spring 2020 «eBanking – but secure!» courses