Storm-0558 did some havoc, but Microsoft will deal with it

Reading time icon 2 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Storm-0558 microsoft security

In May this year, a Chinese threat actor Microsoft called Storm-0558, caused serious havoc by hacking and gaining access to email accounts affecting approximately 25 organizations. These organizations were government institutions and a lot of consumer accounts of people associated with these organizations were affected by the attack.

It happened over the course of several weeks in May and June, and Microsoft finally acknowledged the problem on June 16, 2023.

Ever since, a lot of users have become critical of the Redmond-based tech giant, for allegedly paying it to protect themselves against Microsoft’s mistakes.

However, just last week, Microsoft released a statement saying they will add more cloud security to all customers with no additional cost, in an effort to repay the customers’ patience.

The additional package is made in collaboration with CISA, and here’s what it offers, according to Microsoft’s announcement:

  • Microsoft Purview Audit (Standard) customers will receive deeper visibility into security data, including detailed logs of email access and more than 30 other types of log data previously only available at the Microsoft Purview Audit (Premium) subscription level.
  • Microsoft is also increasing the default retention period for Audit Standard customers from 90 days to 180 days.
  • Commercial and government customers with E5/G5 licenses already using Microsoft Purview Audit (Premium) will continue to receive access to all available audit logging events, including intelligent insights, which help determine the scope of potential compromise by using the Audit log search in the Microsoft Purview compliance portal and the Office 365 Management Activity API.
  • Additional Audit Premium features include longer default retention periods and automation support for importing log data into other tools for analysis.

These updates will start to rollout in September 2023 to all government and commercial customers and you can visit the Microsoft Purview compliance portal to access the updates and the new logs as they become available. Were you affected by Storm-0558? Tell us all about your experience in the comments section below.

More about the topics: microsoft, microsoft security, security