cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Defender 365 - SmartAlerts: User exfiltrating sensitive information via Removable Media

MikeP751860
Occasional Contributor

‎Mar 30 2023 01:33 AM

‎Mar 30 2023 01:33 AM

Defender 365 - SmartAlerts: User exfiltrating sensitive information via Removable Media

Hi,

 

In the past few days we have started seeing incidents/alerts for "SmartAlerts: User exfiltrating sensitive information via Removable Media". We do not believe we have enabled any features or created policies which would start generating these incidents/alerts.

 

Is this something new from Microsoft as I cannot find any information on it?

 

Anyone able to help please?

 

Regards

 

Mike

1,263 Views
1 Like
3 Replies
Reply
3 Replies
Bradley Rodgers

‎Mar 30 2023 11:26 AM

‎Mar 30 2023 11:26 AM

Re: Defender 365 - SmartAlerts: User exfiltrating sensitive information via Removable Media

@MikeP751860 

We started getting these a few days ago.  Sure would be nice if Microsoft could explain what these are

0 Likes
Reply
i-_-i

‎Apr 04 2023 04:28 AM

‎Apr 04 2023 04:28 AM

Re: Defender 365 - SmartAlerts: User exfiltrating sensitive information via Removable Media

@MikeP751860 We have the same across multiple clients.  

I can't find any documentation on this either, why did it happen and where can we tune this?

0 Likes
Reply
nbaker_2111

‎Apr 04 2023 02:23 PM

‎Apr 04 2023 02:23 PM

Re: Defender 365 - SmartAlerts: User exfiltrating sensitive information via Removable Media

Hi Mike,

We too have started getting these. I have been searching pretty hard to find information about them. I just found this today and I also found a page that does talk about SmartAlerts, a bit and wanted to share it with the community.

https://techcommunity.microsoft.com/t5/security-compliance-and-identity/learn-how-microsoft-purview-...

You can find them talking about SmartAlerts in line item #3.

Hopefully this helps out. I know for me it did and I understand the system a bit more. However, you cannot tune these from my understanding... Nor have I found anywhere else that has talked about them.
0 Likes
Reply