Companies are Careless with User Data Sharing

TwitterGoogle+FacebookLinkedInPinterestTumblrStumbleUponRedditShare This

Alvin Bryan

Alvin Bryan is a freelance writer and online privacy enthusiast enthusiast currently contributing quality tips and troubleshooting on personal VPN services, and online privacy and security news. You can also find him on Google +.

SEA User Data SharingThe Syrian Electronic Army (SEA) hacked Microsoft last month. The information they dug up reveals how negligent companies are with user data sharing. And it also shows how much law enforcement pays Microsoft for court ordered user data sharing.

Careless with User Data Sharing

Law enforcement agencies like the FBI regularly make requests for user data sharing from big companies like Microsoft. The SEA hack produced several documents that show Microsoft’s interactions with law enforcement from around the world. Among the data they were able to access were user email addresses, account holders’ names, locations, and IP addresses, criminal subpoenas, and access keys. Experts believe that these keys are the passwords that give agencies like the FBI access to the packets that are turned over to comply with user data sharing. In the hands of hackers, these keys mean major data breaches suffered by users.

User Data Sharing MicrosoftThe recent hack by SEA is the third targeted attack on data related to requests from law enforcement agencies. The fact that hackers were able to access the information proves that Microsoft and other companies are not being careful. They are not securing the files related to orders that they receive for user data. It also makes data security experts suspect that these companies are not being careful when they process user data either. This makes user data vulnerable to breaches, which is an obvious privacy concern. User data sharing must be secure so the data passes only to government agencies. Now it is evident that Microsoft at least is not being careful enough with user data sharing processes.

Microsoft maintains that the data privacy of their users is their main concern. They also said that they are working on educating their employees to improve security. They declined to comment on the documents released by SEA. And they refuse to confirm that the user data SEA claims to have taken is really from their user data sharing files. But the company did admit that the social media accounts and emails of a few employees were subjected to phishing attacks. And the company’s Trustworthy Computing Group General Manager Adrienne Hall also said that in those attacks, some material related to user data sharing with law enforcement were taken.

FBI Pays for Microsoft User Data

FBI User Data SharingSome people already know that agencies like the FBI pay Internet companies for user data sharing. But it was previously unknown how much companies like Microsoft really pay for each request for user data sharing . During the recent SEA hack, some email messages and invoices from the company’s Global Criminal Compliance group were taken. SEA shared the invoices with the online newspaper the Daily Dot, and Gizmodo also has a complete list of them. The invoices came from the Digital Intercept Technology Unit, a top secret division of the FBI.

According to the hacked invoices, the FBI is paying Microsoft exorbitant amounts for user data sharing. It is legal for Microsoft to charge fees for the processing of user data sharing requests. But the invoices show that Microsoft charges $200 for each request. This is taxpayer money, and it totals in the millions of dollars every year.

5 thoughts on “Companies are Careless with User Data Sharing

  1. Pingback: Annie

  2. Pingback: Ted

  3. Pingback: Sammi Dean

  4. Pingback: Vince

  5. Pingback: Fred

Comments are closed.