Security News > 2023 > July > Microsoft expands access to cloud logging data for free after Exchange hacks
Microsoft is expanding access to additional cloud logging data for customers worldwide at no additional cost, allowing easier detection of breached networks and accounts.
This wider availability comes after Chinese hackers stole a Microsoft signing key that allowed them to breach corporate and government Microsoft Exchange and Microsoft 365 accounts to steal email.
Today, the US Cybersecurity and Infrastructure Security Agency, more commonly known as CISA, announced that it has been working with Microsoft to identify critical logging data points that should be included for all Microsoft customers for free.
Due to these discussions, and likely the recent attacks, Microsoft says that they are expanding access to the premium cloud logging to all customers for free, with more becoming available in September 2023.
"Today we are expanding Microsoft's cloud logging accessibility and flexibility even further. Over the coming months, we will include access to wider cloud security logs for our worldwide customers at no additional cost," said Microsoft in a new post on the expanded logging.
To access this data, Microsoft customers can use Microsoft Purview Audit to see detailed logs of email access and 30 other data points previously only available to licensed customers.
News URL
Related news
- US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack (source)
- Microsoft to shut down 50 cloud services for Russian businesses (source)
- Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- Germany warns of 17K vulnerable Microsoft Exchange servers exposed online (source)
- These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb (source)
- Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online (source)
- Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)
- CISA orders agencies impacted by Microsoft hack to mitigate risks (source)