Compromised Passwords Used on 44 Million Microsoft Accounts

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots

10th December, 2019 1 Min read

44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking due to use of compromised passwords, Microsoft has shared.

The discovery was made in the first quarter of 2019, when the company’s identity threat research team checked billions of credentials compromised in different breaches against Microsoft consumer and enterprise account credentials.

Book a demo today to see GlobalDots is action.

Data breaches have become a fact of life for both businesses and individuals, making password reuse across online accounts a big problem. Year after year, surveys show that convenience trumps security for too many users – even infosec professionals.

Some organizations set up stringent password rules to prevent users from choosing short, predictable and easy-to-guess passwords. To help with that Microsoft has, for example, provided Azure AD Password Protection to enterprise users.

Google has also offered Chrome users an extension that detects username/password combinations that have been compromised due to breaches and recently built the technology into Google Account’s Password Manager (and soon the Chrome browser).

A digital background featuring a lock icon surrounded by circular and square patterns in shades of blue.

Latest Articles

Cloud Security Cloud Workload Protection Vulnerability Management

The Security Blind Spot: Business Logic Failures and How to Catch Them

Security leaders know the drill: vulnerability scanners run their course, reports stack up, and yet attackers still slip through. What’s going wrong? We sat down with Yosef Yekutiel, CISO & Data Privacy Officer at MaccabiDent, at GlobalDots’ recent “Red Team Reality Check” event to unpack this gap, and how modern offensive security can fill it. […]

Ganesh The Awesome

27th August, 2025

Monitoring, Logging & Observability

How NetRefer Cut Observability Costs by €96,000 Per Year in Just 3 Months with GlobalDots

Overview NetRefer, a leading iGaming affiliate marketing platform, utilized Azure cloud-native monitoring tools. Shortcomings needed to be resolved, and the business required next-generation observability. Problems that needed to be solved: Through GlobalDots’ expertise in selecting and implementing the right observability solution, NetRefer achieved €96,000 in annual savings and gained real-time observability across their entire platform […]

Ganesh The Awesome

24th July, 2025

Web Security

Vulnerability Assessments vs. Penetration Testing: Key Differences, Use Cases & Best Practices

They’re not interchangeable. A vulnerability assessment identifies known flaws at scale. A penetration test mimics an actual attacker probing for impact. Yet many teams treat them the same. They substitute one for the other, check a compliance box, and move on as if they’re covered. They’re not. And that gap shows up later in real-world […]

Ganesh The Awesome

7th July, 2025

Web Security

Web Application Firewalls (WAFs): The Evolving First Line of Defense in Cloud Security

Modern applications are built for speed, not simplicity. Containers, microservices, and cloud-native deployments have blown up the security perimeter. Traditional tools can’t keep up with this complexity. That’s why Web Application Firewalls (WAFs) matter. But the WAF of 2025 isn’t just an appliance sitting in front of a static website. It’s a flexible, cloud-aware security […]

Ganesh The Awesome

7th July, 2025

Back to Resources

Unlock Your Cloud Potential