Microsoft says it will start warning users of its consumer services including Outlook when it suspects a government has tried to hack their accounts.
The policy change comes nine days after the company was asked why it had decided not tell victims of a hacking campaign, discovered in 2011, that had targeted international leaders of China's Tibetan and Uighur minorities.
According to two former employees of Microsoft, the company's own experts had concluded several years ago Chinese authorities had been behind the campaign but the company did not pass on the information to users of its Hotmail service, which is now called Outlook.com.
In its statement, Microsoft said neither it nor the US government could pinpoint the sources of the hacking attacks and that they didn't come from a single country.
The policy shift at the world's largest software company follows similar moves since October by internet giants Facebook Inc, Twitter Inc and most recently Yahoo Inc.
Google Inc pioneered the practice in 2012 and said it now alerts tens of thousands of users every few months.
For two years, Microsoft has offered alerts about potential security breaches without specifying the likely suspect.
In a statement issued on Wednesday Microsoft said: "As the threat landscape has evolved our approach has too, and we'll now go beyond notification and guidance to specify if we reasonably believe the attacker is 'state-sponsored'."
In a blog post it said: "We're taking this additional step of specifically letting you know if we have evidence the attacker may be 'state-sponsored' because it is likely the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.
The Hotmail attacks targeted diplomats, media workers, human rights lawyers, and others in sensitive positions inside China, according to the former employees.
Microsoft had told the targets to reset their passwords but not that they had been hacked.
Share
