Microsoft said it will soon begin warning users of its Outlook.com email service when a government is suspected of hacking into their accounts.
Microsoft informed Reuters about its intentions recently. The move comes just nine days after Reuters also asked the company why it had not told victims about a hacking campaign in 2011 that mainly targeted international leaders of China’s Tibetan and Uighur minorities.
Two former employees of Microsoft claimed the company’s experts concluded years ago that Chinese authorities were behind the campaign, but they had not passed that onto users of Hotmail, which had now been rebranded as Outlook.com.
In the statement, Microsoft stated that neither the Redmond-based company or the US government could determine the source of the attacks, and that they did not originate in a single country.
The change in policy at the software company follows similar moves by Internet companies Facebook, Twitter and Yahoo.
Google in fact started the practice in 2012 and says it now alerts tens of thousands of users every couple of months.
For two years Microsoft has already offered alerts however about possible security breaches but never specified the likely suspects. The the recent statement, Microsoft said: “As the threat landscape has evolved our approach has too, and we’ll now go beyond notification and guidance to specify if we reasonably believe the attacker is ‘state-sponsored'”.
The company did not reveal whether the Hotmail hacking campaign played any role in its change of policy. Those attacks also targeted diplomats, media works, human rights lawyers, and others in positions inside China, according to Microsoft’s former employees.
They had apparently advised the targets to change their passwords but didn’t tell them they had been hacked. Meanwhile, five victims that Reuters interviewed said they did not interpret the password change request as an indication of hacking.