@RS_Admin This is a huge problem. It looks strange enough to be a sign that a sloppy developer or hacker changed the language on us. I started a support ticket that went a little like this:
Me: Either Microsoft screwed something up or we are on the leading edge of a solarwinds size attack. MS needs to say something about which it is immediately.
Microsoft: Have you tried inprivate browsing?
Me: This is being reported on hundreds of tenants across the US and world. This isn't a (mycompany) screwed up error or an individual machine error:
Microsoft: We need to collect super detailed logs from your machine and then you need to email them
Me: If your legal department confirms you are A. Not a 3rd party contractor, B. Located in the USA and C. Covered by the Microsoft BAA, then we can do that. Or you could check your own tenant.
Microsoft: Uhhh what, we will delete your data when we are done. It is very safe.
Me: I need to escalate, this is way above your pay grade
Microsoft: So you refuse to give us the logs
Me: So you refuse to escalate this case, yes or no
Circles and circles. We are having a meeting in a few hours to discuss the risk/cost of shutting down all systems and wait for MS to say something vs the risk of losing protected data if this is a real incident. No other indicators of compromise, no unexpected activity on firewalls etc. Waiting for my lawyers to weigh in as well. Can we actually sue them if we lose a bunch of money over this?
Microsoft support is beyond useless at this point. They have home user level support for E5 licenses. Why can't I just pay $20k per incident like the old days with premier cases? I would do that in a heartbeat and move on.
