MD-2023-0811

Statement on MD-2023-0811 Microsoft Azure Breach

August 11, 2023

Information

Microsoft investigations determined that Storm-0558 gained access to customer email accounts using Outlook Web Access in Exchange Online (OWA) and Outlook.com by forging authentication tokens to access user email.

• More info at Microsoft Security Blog

Severity

Low

Response

Melissa Data Corporation (“Melissa”) was not impacted by Microsoft Azure Breach. Any Melissa commercial web services or products were not impacted by this vulnerability.

Melissa will continue to follow all guidance provided for this vulnerability as necessary to prevent any future risks.

If you have any additional questions, please contact Melissa’s Compliance department at Compliance@melissa.com.