Microsoft Corporation
On March 30, 2019, the Organization received an external report about a person online selling access to the Organization?s consumer Outlook.com email accounts. The Organization investigated and confirmed that the seller was providing valid credentialed access to an internal support tool. The credentials were from a call centre support supervisor who worked for the Moroccan office of a company providing customer support services to the Organization. The supervisor had, against policy, given credentialed access directly to five support agents on his team who supported consumer email products. The Organization reported its ??investigation also has included a review of the internal authentication logs for the support supervisor’s credentials. This review identified suspicious authentication activity going back at least 12 months?.