MD-2023-0811#
Statement on MD-2023-0811 Microsoft Azure Breach#
August 11, 2023
Information#
Microsoft investigations determined that Storm-0558 gained access to customer email accounts using Outlook Web Access in Exchange Online (OWA) and Outlook.com by forging authentication tokens to access user email.
More info at Microsoft Security Blog
Severity#
Low
Response#
Melissa Data Corporation (“Melissa”) was not impacted by Microsoft Azure Breach. Any Melissa commercial web services or products were not impacted by this vulnerability.
Melissa will continue to follow all guidance provided for this vulnerability as necessary to prevent any future risks.