Exploit: Nation-State Hacking
Microsoft: Software Developer
Risk to Small Business: 1.227 = Extreme
Microsoft is reporting a that suspected Chinese nation-state actors have exploited a flaw in Exchange that has given them some access to data or email accounts. The company estimates that 30,000 or so customers were affected. This flaw impacts a broad range of customers, from small businesses to local and state governments and some military contractors. The hackers were able to steal emails and install malware to continue surveillance of their targets. Patches are available and should be installed immediately.
Individual Risk: No sensitive personal or financial information was announced as part of this incident from Microsoft directly, but organizations around the world will be conducting assessments with potentially wide-ranging fallouts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This is a tremendous problem for businesses of every size, and something that will be lingering for years for impacted organizations.