T-Mobile Austria stores passwords as plain text, Outlook gets message crypto, OneDrive fights ransomware

Microsoft has added more cybersecurity mechanisms for some its apps. For a start, Microsoft has added password protection for links shared on its OneDrive cloud storage system and Outlook now have end-to-end message encryption. Users of Outlook.com, Outlook for iOS and Android, or Windows Mail can now send encrypted messages between themselves easily.

Word, Excel, and PowerPoint now have automatic scanning of links embedded in documents. Their new code will check out the URLs to make sure that they aren’t on Redmond’s databases of dodgy websites and pages.
OneDrive tries to eradicate ransomware, which has become so prevalent over the last year. The Files Restore feature for paid subscribers now supports restore OneDrive contents from a backup that covers the previous 30 days of use, meaning if some malware has scrambled your files, you can retrieve intact copies.
LockCrypt ransomware, a particularly nasty strain of the criminal code is taking a hit too because we discovered that its creators had made a big mistake. Rather than using a proven encryption system, the writers had rolled their own and weren’t that good at it. As a result, it now looks likely that some LockCrypt-infected PCs can now get their files back using suitable recovery tools.

This kind of malicious cyber attacks can also be repealed by installing a cybersecurity solution like an antivirus for Windows or antivirus for Mac, depending on which OS their device is running. Besides this, a company must hire a cybersecurity firm that will lunch on purpose various attacks on company’s network to reveal its flaws.

Another significant cybersecurity threat comes from T-Mobile Austria that is storing customer passwords in plain text. T-Mobile Austria’s Twitter account confirmed this, but there is no need to worry because “their security is amazingly good.”

Claudia Pellegrino @c_pellegrino 4 Apr:
Does T-Mobile Austria in fact store customers’ passwords in clear text @tmobileat? @PWTooStrong @Telekom_hilft


T-Mobile Austria @tmobileat
Hello Claudia! The customer service agents see the first four characters of your password. We store the whole password, because you need it for the login for http://mein.t-mobile.at

@Korni22 6 Apr
Replying to @tmobileat and 3 others
Well, what if your infrastructure gets breached and everyone’s password is published in plaintext to the whole wide world?

T-Mobile Austria @tmobileat
@Korni22 What if this doesn’t happen because our security is amazingly good? ^Käthe

That line is going to bite T-Mobile Austria in the backside, if or when they next get hacked. T-Mobile USA confirmed it does not store passwords in plain text.
T-Mobile Austria is not the only one in Europe struggling with cybersecurity problems like storing passwords in plaintext. The Finnish Communications Regulatory Authority has issued an alert after the New Business Center in Helsinki, got hacked and information on 130,000 user accounts, and their plaintext passwords were stolen making this the third most significant data loss in numbers of users in Finnish history.

To reduce and eventually eliminate all the risk of this kind of cybersecurity problems practice good cyber security habits, update your apps and OSs to latest versions available and implement a robust cybersecurity solution into your devices like an antivirus for Windows or antivirus for Mac depending on which OS is your machines running. We also recommend every company to hire a specialized cybersecurity firm that will perform various tests like a penetration test and various ethical hacking tests on company’s network to reveal if any network flaws are present.

For companies that exist 100% online, we recommend the using of cyber-secured web hosting services.