Microsoft will begin alerting users of its online services, including Outlook.com, when it suspects their accounts are being hacked by government entities.
The world’s largest software company announced the new policy in a blog post late Wednesday.
“We will now notify you if we believe your account has been targeted or compromised by an individual or group working on behalf of a nation state,” the post said.
Microsoft is taking the additional security step because state-sponsored attacks are often “more sophisticated or more sustained than attacks from cybercriminals and others,” it said.
“If you receive one of these notifications it doesn’t necessarily mean that your account has been compromised, but it does mean we have evidence your account has been targeted, and it’s very important you take additional measures to keep your account secure,” the post added.
The statement did not mention any specific countries believed to have been targeting Microsoft users.
But the Reuters news agency said the policy change came nine days after it asked the company why it had declined to inform victims of a 2011 hacking campaign targeting exiled members of China’s Tibetan and Uighur communities.
The news agency spoke with two former Microsoft employees who said company experts “had concluded several years ago that Chinese authorities had been behind the campaign but the company did not pass on that information.”
Earlier this year, Facebook and Twitter announced they would also warn users when they believe state-sponsored hackers may be trying to access user accounts.
In its statement, Microsoft on Wednesday stressed that a notification does “not mean that Microsoft’s own systems have in any way been compromised.”
It also said it will not be able to detail why it believes a specific attack was state-sponsored.
“The evidence we collect in any active investigation may be sensitive, so we do not plan on providing detailed or specific information about the attackers or their methods,” the statement said.