Help, Azure AD says my credentials Leaked!

So, waking up to leaked credentials can be frustrating. Probably since you do not know how exactly they got leaked. Fortunatly Azure AD have some sugestions on what to do.

Read more about leaked credentials here:

https://blogs.microsoft.com/cybertrust/2015/06/18/the-risk-of-leaked-credentials-and-how-microsofts-cloud-helps-protect-your-organization/

This is what it looks like in Azure Identity Protection and how you mitigate the impact:

control panel — A very high risk, click the risk to see what it is.

what happened — Here you see what it was all about, click on the event to se which user

who had it leaked — here you see the user. click on the user to get actions on what to do

solutions — Here is what I did to mitigate the event.

I simply requested the user for a password change. Keep in mind that the malware that did this might have stolen all other passwords as well. It might also be active on the target device, så MFA might be something you should consider.

Also have the user change passwords on all other services he uses!

And, have him wipe his device!

2 thoughts on “Help, Azure AD says my credentials Leaked!”

Add yours

hailhailxoltar
May 6, 2016 at 7:03 pm


Awesome feature from Azure! Usually you just find out you’ve been hacked when your friends tell you they are getting spam from you, or a new credit card bill comes in the mail with charges on a card you never applied for. 🙂 I like this proactive approach to security!

LikeLike

- haukeberg
  May 6, 2016 at 8:00 pm
  
  
  Azure IDP also sent my brother “the leaked” user. An email saying that he should change his password being all proactive
  
  LikeLike

Håvard Siegel Haukeberg

Paste life: Ctrl+C -> Ctrl+V