{"id":8483,"date":"2021-03-16T21:40:40","date_gmt":"2021-03-16T20:40:40","guid":{"rendered":"https:\/\/www.robin-data.io\/?p=8483"},"modified":"2025-03-24T13:38:42","modified_gmt":"2025-03-24T12:38:42","slug":"hacker-attack-microsoft-exchange-server","status":"publish","type":"post","link":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/hacker-attack-microsoft-exchange-server","title":{"rendered":"Attackers-attack-Microsoft-Exchange-Server"},"content":{"rendered":"<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2f7bsz-5e6b7f9ddc4d4d6184ffa6b3667694d2\">\n.flex_column.av-2f7bsz-5e6b7f9ddc4d4d6184ffa6b3667694d2{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-2f7bsz-5e6b7f9ddc4d4d6184ffa6b3667694d2 av_one_full  avia-builder-el-0  el_before_av_one_half  avia-builder-el-first  first flex_column_div av-zero-column-padding'     ><p><section  class='av_textblock_section av-kravbiyo-52ef29965eea096b3b4d4f4abd9498ad'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><strong><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\" target=\"_self\" data-trp-original-href=\"https:\/\/www.robin-data.io\/datenschutz-akademie\" data-trp-original-target=\"_self\">Data Protection Academy<\/a>\u00a0\u00bb\u00a0<a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\" target=\"_self\" data-trp-original-href=\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\" data-trp-original-target=\"_self\">Data Protection News<\/a>\u00a0\u00bb Attack on Microsoft Exchange Server<\/strong><\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kr2gzn-41dbbc2633c9435cfa17bf1642e7432f\">\n.avia-image-container.av-kr2gzn-41dbbc2633c9435cfa17bf1642e7432f img.avia_image{\nbox-shadow:none;\n}\n.avia-image-container.av-kr2gzn-41dbbc2633c9435cfa17bf1642e7432f .av-image-caption-overlay-center{\ncolor:#ffffff;\n}\n<\/style>\n<div  class='avia-image-container av-kr2gzn-41dbbc2633c9435cfa17bf1642e7432f av-styling- avia-align-left  avia-builder-el-2  el_after_av_textblock  el_before_av_hr'   itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" fetchpriority=\"high\" class='wp-image-14055 avia-img-lazy-loading-not-14055 avia_image' src=\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\" alt='A mouse cursor moves over the word &quot;Security&quot;. Attack on Microsoft Exchange Server' title=''  height=\"343\" width=\"685\"  itemprop=\"thumbnailUrl\" srcset=\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg 685w, https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne-300x150.jpg 300w, https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne-18x9.jpg 18w\" sizes=\"(max-width: 685px) 100vw, 685px\" \/><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kmcej5jx-06157613f53bfa421836e03b2ab7343b\">\n#top .hr.hr-invisible.av-kmcej5jx-06157613f53bfa421836e03b2ab7343b{\nheight:15px;\n}\n<\/style>\n<div  class='hr av-kmcej5jx-06157613f53bfa421836e03b2ab7343b hr-invisible  avia-builder-el-3  el_after_av_image  el_before_av_heading'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-fkkfqr-1e1b55057b0dbf5fa3144d3d145b538c\">\n#top .av-special-heading.av-fkkfqr-1e1b55057b0dbf5fa3144d3d145b538c{\npadding-bottom:10px;\ncolor:#303440;\n}\nbody .av-special-heading.av-fkkfqr-1e1b55057b0dbf5fa3144d3d145b538c .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-fkkfqr-1e1b55057b0dbf5fa3144d3d145b538c .special-heading-inner-border{\nborder-color:#303440;\n}\n.av-special-heading.av-fkkfqr-1e1b55057b0dbf5fa3144d3d145b538c .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-fkkfqr-1e1b55057b0dbf5fa3144d3d145b538c av-special-heading-h1 custom-color-heading  avia-builder-el-4  el_after_av_hr  el_before_av_hr'><h1 class='av-special-heading-tag'  itemprop=\"headline\"  >Attack on Microsoft Exchange Server: What to do now?<\/h1><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kmcej5jx-15-9a56cd199d25e9894ccd06a2af0a2e6a\">\n#top .hr.hr-invisible.av-kmcej5jx-15-9a56cd199d25e9894ccd06a2af0a2e6a{\nheight:15px;\n}\n<\/style>\n<div  class='hr av-kmcej5jx-15-9a56cd199d25e9894ccd06a2af0a2e6a hr-invisible  avia-builder-el-5  el_after_av_heading  el_before_av_heading'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-erx9tv-9c5a10ce7ac6cbaf0e2aacc8bd1b3b9a\">\n#top .av-special-heading.av-erx9tv-9c5a10ce7ac6cbaf0e2aacc8bd1b3b9a{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-erx9tv-9c5a10ce7ac6cbaf0e2aacc8bd1b3b9a .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-erx9tv-9c5a10ce7ac6cbaf0e2aacc8bd1b3b9a .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-erx9tv-9c5a10ce7ac6cbaf0e2aacc8bd1b3b9a av-special-heading-h2 blockquote modern-quote  avia-builder-el-6  el_after_av_hr  el_before_av_textblock'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Background<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-klrzysk4-943b87ee011bfa9ab2cc40d92c4c318a'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Microsoft Exchange is a globally used email software or a software for handling email traffic, keeping address books, managing appointments and organising work groups. Exchange is available as a cloud application in Office 365 and as an on-premise variant. Microsoft Exchange is used by businesses, government agencies or general organisations of all shapes and sizes around the world. With the attack on the local, i.e. on-premise servers were hacked via four combined security vulnerabilities.<\/p>\n<p>Many companies are affected by the attack. According to various sources, there could be over 250,000 victims worldwide, the financial service Bloomberg knows of 60,000 affected email servers , the IT security specialist Brian Krebs and computer magazine \"Wired\" report of 30,000 hacked email servers in the US alone. Kaspersky evaluated since the beginning of March attacks at more than 1200 users, according to this analysis, Germany 26.93% of the attacks is one of the countries with the largest number of affected. According to information from IT service provider Shodan, tens of thousands of German Exchange servers are both vulnerable and presumably already infected with malware. Among them are probably six German authorities, including the Federal Environment Agency. The German Federal Office for Information Security then issued a \"red alert\", the first time in many years and only the third time overall, and recommends that all those affected immediately apply the patches provided by Microsoft.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-buiwlv-250ba3491ed83020277962f688d16f50\">\n#top .av-special-heading.av-buiwlv-250ba3491ed83020277962f688d16f50{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-buiwlv-250ba3491ed83020277962f688d16f50 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-buiwlv-250ba3491ed83020277962f688d16f50 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-buiwlv-250ba3491ed83020277962f688d16f50 av-special-heading-h2 blockquote modern-quote  avia-builder-el-8  el_after_av_textblock  el_before_av_timeline'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Timing of the incident<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kmc209gy-e2c401efb37155f4d0885e8e54acae8a\">\n.avia-timeline-container.av-kmc209gy-e2c401efb37155f4d0885e8e54acae8a .av-milestone-date{\nfont-size:20px;\n}\n.avia-timeline-container.av-kmc209gy-e2c401efb37155f4d0885e8e54acae8a .av-milestone-icon.milestone-icon-hasborder{\nbackground-color:#00b3bd;\n}\n.avia-timeline-container.av-kmc209gy-e2c401efb37155f4d0885e8e54acae8a .av-milestone-icon-inner{\nbackground-color:#ffffff;\ncolor:#00b3bd;\n}\n.avia-timeline-container.av-kmc209gy-e2c401efb37155f4d0885e8e54acae8a .av-milestone-indicator{\nbackground-color:#ffffff;\n}\n.avia-timeline-container.av-kmc209gy-e2c401efb37155f4d0885e8e54acae8a .av-milestone-article-footer{\nbackground-color:#ffffff;\n}\n.avia-timeline-container.av-kmc209gy-e2c401efb37155f4d0885e8e54acae8a i.milestone-char.avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<div  id=\"avia-timeline-1\"  class='avia-timeline-container av-kmc209gy-e2c401efb37155f4d0885e8e54acae8a av-slideshow-ui  avia-builder-el-9  el_after_av_heading  el_before_av_hr' ><ul class='avia-timeline avia-timeline-vertical av-milestone-placement-left avia-timeline-boxshadow avia_animate_when_almost_visible avia-timeline-animate'>\n<li  class='av-milestone av-fdxo2b-a6a6c41ad82c22a20cae99bc5cf0c5f4 av-animated-generic fade-in av-milestone-valign-baseline av-milestone-odd'><h2 class='av-milestone-date' id='milestone-12-20' ><strong>12\/20<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon milestone-icon-hasborder avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue826' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: 10 December 2020\"><h4 class='av-milestone-title'>10 December 2020<\/h4><\/header><div class='av-milestone-content'><p>Vulnerability identified by Devcore, an IT security consultancy based in Taiwan<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<li  class='av-milestone av-dkxcir-4846924434b056fed41cf992fa27bed9 av-animated-generic fade-in av-milestone-valign-baseline av-milestone-even'><h2 class='av-milestone-date' id='milestone-01-21' ><strong>01\/21<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon milestone-icon-hasborder avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: 05 January 2021\"><h4 class='av-milestone-title'>05 January 2021<\/h4><\/header><div class='av-milestone-content'><p>Information submitted to Microsoft Security Center<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<li  class='av-milestone av-cd378z-2038b645379728cc98051ae1e5ee49d0 av-animated-generic fade-in av-milestone-valign-baseline av-milestone-odd'><h2 class='av-milestone-date' id='milestone-01-21' ><strong>01\/21<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon milestone-icon-hasborder avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue83e' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: 06-08 January 2021\"><h4 class='av-milestone-title'>06-08 January 2021<\/h4><\/header><div class='av-milestone-content'><p>Confirmation of the vulnerability by Microsoft<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<li  class='av-milestone av-aux6mr-f5bca469e202ac640705626df65b4679 av-animated-generic fade-in av-milestone-valign-baseline av-milestone-even'><h2 class='av-milestone-date' id='milestone-02-21' ><strong>02\/21<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon milestone-icon-hasborder avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue8d2' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: 18 February 2021\"><h4 class='av-milestone-title'>18 February 2021<\/h4><\/header><div class='av-milestone-content'><p>Announcement of patches by Microsoft<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<li  class='av-milestone av-9dnykj-b5740b96038db13c033d46543d6c2a6f av-animated-generic fade-in av-milestone-valign-baseline av-milestone-odd'><h2 class='av-milestone-date' id='milestone-03-21' ><strong>03\/21<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon milestone-icon-hasborder avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue82f' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: 03 March 2021\"><h4 class='av-milestone-title'>03 March 2021<\/h4><\/header><div class='av-milestone-content'><p>Publication of the security update by Microsoft<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<\/ul><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kmc4d46o-f3e245695d871609299f0088359c8084\">\n#top .hr.hr-invisible.av-kmc4d46o-f3e245695d871609299f0088359c8084{\nheight:20px;\n}\n<\/style>\n<div  class='hr av-kmc4d46o-f3e245695d871609299f0088359c8084 hr-invisible  avia-builder-el-10  el_after_av_timeline  el_before_av_heading'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-alfqyr-2526063df58233cbaeaa32d731fbf046\">\n#top .av-special-heading.av-alfqyr-2526063df58233cbaeaa32d731fbf046{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-alfqyr-2526063df58233cbaeaa32d731fbf046 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-alfqyr-2526063df58233cbaeaa32d731fbf046 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-alfqyr-2526063df58233cbaeaa32d731fbf046 av-special-heading-h2 blockquote modern-quote  avia-builder-el-11  el_after_av_hr  el_before_av_textblock'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Who is affected by the attack on Microsoft Exchange servers?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-klrzysk4-14-ee9ede49cc89abf53f608d8e85ec5137'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p class=\"translation-block\">Affected are organisations of all shapes and sizes, such as companies, government agencies, and educational institutions, that were using Microsoft Exchange as on-premise solutions in versions 2013, 2016, and 2019 in all expansion stages. The cloud versions of Exchange are not affected. According to the <a href=\"https:\/\/www.bsi.bund.de\/SharedDocs\/Cybersicherheitswarnungen\/DE\/2020\/2020-252437-1021.pdf?__blob=publicationFile&amp;v=1\" target=\"_self\" rel=\"noopener\">Federal Office for Information Security <\/a>, the following product versions are affected, provided the single patch to fix the vulnerability has not been installed:<\/p>\n<ul>\n<li>Microsoft Exchange Server 2010 SP 3 Update RU30 (CVE-2020-0688)<\/li>\n<li>Microsoft Exchange Server 2013 Cumulative Update 23<\/li>\n<li>Microsoft Exchange Server 2016 Cumulative Update 14 and 15<\/li>\n<li>Microsoft Exchange Server 2019 Cummulative Update 3 and 4<\/li>\n<li>Microsoft Exchange Server 2016 Cumulative Update 16 and 17<\/li>\n<li>Microsoft Exchange Server 2019 Cummulative Update 5 and 6<\/li>\n<\/ul>\n<p>As well as older versions.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-98irwj-6ec9ea1f99bcc6a9d4b10a219d07283e\">\n#top .av-special-heading.av-98irwj-6ec9ea1f99bcc6a9d4b10a219d07283e{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-98irwj-6ec9ea1f99bcc6a9d4b10a219d07283e .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-98irwj-6ec9ea1f99bcc6a9d4b10a219d07283e .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-98irwj-6ec9ea1f99bcc6a9d4b10a219d07283e av-special-heading-h2 blockquote modern-quote  avia-builder-el-13  el_after_av_textblock  el_before_av_textblock'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >What are the dangers of attacking Microsoft Exchange servers?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-klrzysk4-13-ec383ec729b84182751e2ca75c2b11fe'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Due to the attack on Microsoft Exchange servers, there is a risk of data leakage, including sensitive information. In many infrastructures, Exchange servers often have far-reaching access rights in the Active Directory. If the system is not set up correctly, attackers can gain admin rights to the central network system. This vulnerability has the dangerous potential to compromise the entire domain with little effort.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-7gsyqr-3dd12339105e2f608c42c3c9ae29b814\">\n#top .av-special-heading.av-7gsyqr-3dd12339105e2f608c42c3c9ae29b814{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-7gsyqr-3dd12339105e2f608c42c3c9ae29b814 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-7gsyqr-3dd12339105e2f608c42c3c9ae29b814 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-7gsyqr-3dd12339105e2f608c42c3c9ae29b814 av-special-heading-h2 blockquote modern-quote  avia-builder-el-15  el_after_av_textblock  el_before_av_textblock'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Who is responsible for the attack on Microsoft Exchange servers?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-klrzysk4-12-d30fc158b82de9388625267bbee0ebc0'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>It is currently suspected that Chinese hackers are involved: Microsoft calls the hacker group \"Hafnium\". According to current findings, the hackers gained access to the Microsoft Exchange servers via four combined security vulnerabilities. Initially, Hafnium is said to have gained access to only a few systems in order to avoid detection. The goal of the hacker attack was and is the data leakage of systems, and the hackers are said to have particularly targeted data in the following categories: Infectious Disease Research, Universities, Law Firms and Companies with Defence Contracts. In the meantime, targeted attacks are assumed, especially since Microsoft is said to have no indications that private customers were also attacked.<\/p>\n<p>When the vulnerability became known in mid-January, the hacker group went on extreme widespread attacks. Hafnium then accessed every system worldwide that was found and was somehow vulnerable. The hackers no longer limited themselves to \"only\" obtaining data, but aimed for complete control over Exchange servers. Microsoft suspects that hafnium could possibly gain administrative rights via networks connected to Exchange servers and compromise complete systems to such an extent that they are irretrievably lost. From 26 February 2021, the hackers are said to have started to automatically build backdoors into vulnerable Exchange servers.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-m35df-72d9838180c2bb17f0f096d05fc3927b\">\n#top .av-special-heading.av-m35df-72d9838180c2bb17f0f096d05fc3927b{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-m35df-72d9838180c2bb17f0f096d05fc3927b .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-m35df-72d9838180c2bb17f0f096d05fc3927b .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-m35df-72d9838180c2bb17f0f096d05fc3927b av-special-heading-h3 blockquote modern-quote  avia-builder-el-17  el_after_av_textblock  avia-builder-el-last'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Install the Microsoft security updates<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><\/p><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-7ymgvn-4a078fc19e44650990b106546f5197c2\">\n.flex_column.av-7ymgvn-4a078fc19e44650990b106546f5197c2{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-7ymgvn-4a078fc19e44650990b106546f5197c2 av_one_half  avia-builder-el-18  el_after_av_one_full  el_before_av_one_half  first flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2yvhmr-385c9d39f6df99698fa8d66954462481\">\n#top .av-special-heading.av-2yvhmr-385c9d39f6df99698fa8d66954462481{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-2yvhmr-385c9d39f6df99698fa8d66954462481 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-2yvhmr-385c9d39f6df99698fa8d66954462481 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-2yvhmr-385c9d39f6df99698fa8d66954462481 av-special-heading-h3 blockquote modern-quote  avia-builder-el-19  el_before_av_textblock  avia-builder-el-first'><div class='av-subheading av-subheading_above'><p>Step 1<\/p>\n<\/div><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Lockdown<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-kmc2n3jh-a76219e5863c64ea2d181a0383b551e7'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The first step of emergency measures should be a lockdown, as the servers are only vulnerable because they can be reached via the internet. Close your firewalls and take your Exchange servers off the network.<\/p>\n<\/div><\/section><\/p><\/div><\/p>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-5wunb7-7cd3cf0009e6172ac91d0dd0ecf9c682\">\n.flex_column.av-5wunb7-7cd3cf0009e6172ac91d0dd0ecf9c682{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-5wunb7-7cd3cf0009e6172ac91d0dd0ecf9c682 av_one_half  avia-builder-el-21  el_after_av_one_half  el_before_av_one_half  flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-yweb7-bdd36db0a382b365d0d38830f025c81a\">\n#top .av-special-heading.av-yweb7-bdd36db0a382b365d0d38830f025c81a{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-yweb7-bdd36db0a382b365d0d38830f025c81a .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-yweb7-bdd36db0a382b365d0d38830f025c81a .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-yweb7-bdd36db0a382b365d0d38830f025c81a av-special-heading-h3 blockquote modern-quote  avia-builder-el-22  el_before_av_textblock  avia-builder-el-first'><div class='av-subheading av-subheading_above'><p>Step 2<\/p>\n<\/div><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Analysis<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-kmc2n3jh-10-b0366f1c586e882c2e453efa487c1fda'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><a href=\"https:\/\/aka.ms\/ExchangeHealthChecker\" target=\"_blank\" rel=\"noopener\">Microsoft has analysis scripts<\/a> published, run it through any existing Exchange server. Get an overview of the signs of compromise.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-ey5tv-7ace0c8dda66ea726fed9d03de90b83e\">\n.flex_column.av-ey5tv-7ace0c8dda66ea726fed9d03de90b83e{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-ey5tv-7ace0c8dda66ea726fed9d03de90b83e av_one_half  avia-builder-el-24  el_after_av_one_half  el_before_av_one_half  first flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kmc2nosv-1fc641909ac72e5599cadcbef0c6d090\">\n#top .av-special-heading.av-kmc2nosv-1fc641909ac72e5599cadcbef0c6d090{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kmc2nosv-1fc641909ac72e5599cadcbef0c6d090 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kmc2nosv-1fc641909ac72e5599cadcbef0c6d090 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-kmc2nosv-1fc641909ac72e5599cadcbef0c6d090 av-special-heading-h3 blockquote modern-quote  avia-builder-el-25  el_before_av_textblock  avia-builder-el-first'><div class='av-subheading av-subheading_above'><p>Step 3<\/p>\n<\/div><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Repair<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-kmc2n3jh-9-ac43f8d3eac7b05ca8f0f991050a5372'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>If the analysis scripts show signs of a compromise, a repair is necessary. Microsoft has provided special patches that customers must install themselves. It is important that the servers have the latest updates installed.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2aji4z-a33af4f6371bca5b83622b9bca7f3094\">\n.flex_column.av-2aji4z-a33af4f6371bca5b83622b9bca7f3094{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-2aji4z-a33af4f6371bca5b83622b9bca7f3094 av_one_half  avia-builder-el-27  el_after_av_one_half  el_before_av_one_full  flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kmc2nosv-8-89e71a9dcf80ae12498b4fa6252a9b32\">\n#top .av-special-heading.av-kmc2nosv-8-89e71a9dcf80ae12498b4fa6252a9b32{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kmc2nosv-8-89e71a9dcf80ae12498b4fa6252a9b32 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kmc2nosv-8-89e71a9dcf80ae12498b4fa6252a9b32 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-kmc2nosv-8-89e71a9dcf80ae12498b4fa6252a9b32 av-special-heading-h3 blockquote modern-quote  avia-builder-el-28  el_before_av_textblock  avia-builder-el-first'><div class='av-subheading av-subheading_above'><p>Step 4<\/p>\n<\/div><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Evaluation<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-kmc2n3jh-7-5aed49c28ae3ba203da41568243b05fe'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Evaluate the attack after repair and document the data leakage. Evidence and assessments should be made from a data protection perspective; at best, the attack should be evaluated by an IT forensics expert.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2aji4z-6-9a33faea013f4dc0af7305a7481f0089\">\n.flex_column.av-2aji4z-6-9a33faea013f4dc0af7305a7481f0089{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-2aji4z-6-9a33faea013f4dc0af7305a7481f0089 av_one_full  avia-builder-el-30  el_after_av_one_half  el_before_av_one_full  first flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-5hqnz7-de79601b9ead1103b094bcedab9dcaea\">\n#top .av-special-heading.av-5hqnz7-de79601b9ead1103b094bcedab9dcaea{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-5hqnz7-de79601b9ead1103b094bcedab9dcaea .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-5hqnz7-de79601b9ead1103b094bcedab9dcaea .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-5hqnz7-de79601b9ead1103b094bcedab9dcaea av-special-heading-h3 blockquote modern-quote  avia-builder-el-31  el_before_av_textblock  avia-builder-el-first'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Meet the Experts Special: Microsoft Exchange Server Hack<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-klrzysk4-11-80cad483280b7f4d1e3557c300f0819d'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>With Prof. Dr. Andre D\u00f6ring from Robin Data and Rainer Franke from PowerBiT<\/p>\n<\/div><\/section><br \/>\n<br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-4a05vn-4076974ca3c52291fa3e6b196c7471f5\">\n#top .av-special-heading.av-4a05vn-4076974ca3c52291fa3e6b196c7471f5{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-4a05vn-4076974ca3c52291fa3e6b196c7471f5 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-4a05vn-4076974ca3c52291fa3e6b196c7471f5 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-4a05vn-4076974ca3c52291fa3e6b196c7471f5 av-special-heading-h3 blockquote modern-quote  avia-builder-el-34  el_after_av_codeblock  el_before_av_textblock'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >How can companies check whether they are affected and, if so, what should they do?<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-klrzysk4-3-945dfbf63b3c897ce9b0f30798f6a588'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>According to Microsoft, Exchange Services in the cloud are not affected. The developers have released security updates for the following vulnerable Exchange server versions.<\/p>\n<ul>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2010-service-pack-3-march-2-2021-kb5000978-894f27bf-281e-44f8-b9ba-dad705534459\" target=\"_blank\" rel=\"external noopener\">Exchange Server 2010 (RU 31 for Service Pack 3)<\/a><\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b\" target=\"_blank\" rel=\"external noopener\">Exchange Server 2013 (CU 23)<\/a><\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b\" target=\"_blank\" rel=\"external noopener\">Exchange Server 2016 (CU 19, CU 18)<\/a><\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b\" target=\"_blank\" rel=\"external noopener\">Exchange Server 2019 (CU 8, CU 7)<\/a><\/li>\n<\/ul>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-39t0ar-4eb13d9728cf55c391f8fac883e337ea\">\n#top .av-special-heading.av-39t0ar-4eb13d9728cf55c391f8fac883e337ea{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-39t0ar-4eb13d9728cf55c391f8fac883e337ea .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-39t0ar-4eb13d9728cf55c391f8fac883e337ea .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-39t0ar-4eb13d9728cf55c391f8fac883e337ea av-special-heading-h3 blockquote modern-quote  avia-builder-el-36  el_after_av_textblock  el_before_av_textblock'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >What are the challenges in problem solving?<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-kmc2n3jh-5-6a222239c2e01213a66bf7f9f225e4be'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Problems occur mainly in the 3rd step, should companies be affected there are often the following challenges:<\/p>\n<ul>\n<li>Servers must have the latest updates or be up to date.<\/li>\n<li class=\"translation-block\">Since updates can be associated with high financial and time expenditure, especially smaller and companies refrain from updating the servers regularly.<\/li>\n<li class=\"translation-block\">Practical experience shows that IT departments sometimes take a long time to install patches on servers, even if the servers are up to date.<\/li>\n<li class=\"translation-block\">Updates that have not been carried out must be installed first, and this can create risks in the system environment.<\/li>\n<\/ul>\n<p>Companies with more than 500 employees often have no problems with the problem-solving process, as systems are often up to date. Large companies often carry out updates directly because financial resources are available.<\/p>\n<p class=\"translation-block\">It can be assumed that especially systems in small and medium-sized companies still have vulnerabilities, for these companies it is not always possible to close known security gaps immediately with Microsoft patches for economic reasons.<\/p>\n<p>Our expert and partner Rainer Franke from PowerBiT therefore recommends switching to Office 365, as this can be done quickly and easily. Switch off your own Exchange server and migrate your company data to Office 365, bearing in mind that there is a risk of third-country transfer, which must be covered in a data protection impact assessment.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2aji4z-4-d28af452442e7921fd335ee46b0c1806\">\n.flex_column.av-2aji4z-4-d28af452442e7921fd335ee46b0c1806{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-2aji4z-4-d28af452442e7921fd335ee46b0c1806 av_one_full  avia-builder-el-38  el_after_av_one_full  el_before_av_promobox  first flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-3xox37-609be4b19c069c7aa7b276c067962421\">\n#top .av-special-heading.av-3xox37-609be4b19c069c7aa7b276c067962421{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-3xox37-609be4b19c069c7aa7b276c067962421 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-3xox37-609be4b19c069c7aa7b276c067962421 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-3xox37-609be4b19c069c7aa7b276c067962421 av-special-heading-h2 blockquote modern-quote  avia-builder-el-39  el_before_av_textblock  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >What should be done from a data protection point of view? <\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-kmc2n3jh-2-492b4cd5d1161f2d68f82c4665fd34b4'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>From the point of view of <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/general-data-protection-regulation-eu-gdpr\" target=\"_blank\" rel=\"noopener\">GDPR<\/a> A security incident that has occurred, such as the hacking of a Microsoft Exchange server, corresponds to a breach of <a href=\"https:\/\/help.robin-data.io\/artikel-32-dsgvo\" target=\"_blank\" rel=\"noopener\">Art. 32<\/a>i.e. the \"security of processing\" and assurance objectives, and is also questionable with regard to the provisions of ISO 27001. Especially in points 12.6 \"Management of technical vulnerabilities\" and 13.1.2 \"Security of network services\".<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-24eb6b-40b8341b159ac25b65b78a66d0cd4e31\">\n#top .av-special-heading.av-24eb6b-40b8341b159ac25b65b78a66d0cd4e31{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-24eb6b-40b8341b159ac25b65b78a66d0cd4e31 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-24eb6b-40b8341b159ac25b65b78a66d0cd4e31 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-24eb6b-40b8341b159ac25b65b78a66d0cd4e31 av-special-heading-h3 blockquote modern-quote  avia-builder-el-41  el_after_av_textblock  el_before_av_textblock'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >When must companies report a data breach to the supervisory authority?<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-kmc2n3jh-1-80c9a859b7ffc1c9713d915d04025a58'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>A notification to the competent supervisory authority is necessary if:<\/p>\n<ul>\n<li data-leveltext=\"\uf0a7\" data-font=\"Wingdings\" data-listid=\"1\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"3\">A Microsoft Exchange Server is affected by the attack wave,<\/li>\n<li data-leveltext=\"\uf0a7\" data-font=\"Wingdings\" data-listid=\"1\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"3\">There is a high number of people affected,<\/li>\n<li data-leveltext=\"\uf0a7\" data-font=\"Wingdings\" data-listid=\"1\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"3\">Sensitive data affected by the attack.<\/li>\n<\/ul>\n<p>If you are not sure whether you are actually affected, inform the competent supervisory authority within 72 hours. Report what happened and what measures were taken, this will determine whether a notification is necessary or not. In addition, companies must clarify to what extent notifications of the data subjects according to Art. <a href=\"https:\/\/help.robin-data.io\/artikel-34-dsgvo\" target=\"_blank\" rel=\"noopener\">Art. 34 GDPR<\/a> are necessary. This depends on the individual case and requires an individual assessment by the data protection officer.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-k9xxgm6c-54a7c072733e7327094b9b24cbbd6abf\">\n.av_promobox.av-k9xxgm6c-54a7c072733e7327094b9b24cbbd6abf{\ncolor:#303440;\nbackground:#b3dff1;\n}\n<\/style>\n<div  class='av_promobox av-k9xxgm6c-54a7c072733e7327094b9b24cbbd6abf avia-button-yes  avia-builder-el-43  el_after_av_one_full  el_before_av_one_full'><div class='avia-promocontent'><p>\nOur experts for data protection <br class=\"avia-permanent-lb\" \/>and information security will be happy to advise you.<\/p>\n<\/div><div  class='avia-button-wrap av-k9xxgm6c-b86ca0ad4d283075b58d18a5554c63e5-wrap avia-button-right'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-k9xxgm6c-b86ca0ad4d283075b58d18a5554c63e5\">\n#top #wrap_all .avia-button.av-k9xxgm6c-b86ca0ad4d283075b58d18a5554c63e5{\nbackground-color:#127db3;\nborder-color:#127db3;\ncolor:#ffffff;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-k9xxgm6c-b86ca0ad4d283075b58d18a5554c63e5 .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/contact\/#angebot'  class='avia-button av-k9xxgm6c-b86ca0ad4d283075b58d18a5554c63e5 av-link-btn avia-icon_select-no avia-size-large avia-position-right'   aria-label=\"Request offer\"><span class='avia_iconbox_title' >Request offer<\/span><\/a><\/div><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885\">\n.flex_column.av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885{\nborder-radius:10px 10px 10px 10px;\npadding:50 px 50 px 50 px 50 px;\nbackground-color:#f7f7f7;\n}\n<\/style>\n<div  class='flex_column av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885 av_one_full  avia-builder-el-44  el_after_av_promobox  el_before_av_one_full  first flex_column_div'     ><p><br \/>\n<div  class='av-social-sharing-box av-ka3jmz4x-5dcebd1f09db7c20daac0063288815c9 av-social-sharing-box-default  avia-builder-el-46  el_after_av_codeblock  avia-builder-el-last  av-social-sharing-box-fullwidth'><div class=\"av-share-box\"><h5 class='av-share-link-description av-no-toc'>Do you like the piece? Feel free to share it.<\/h5><ul class=\"av-share-box-list noLightbox\"><li class='av-share-link av-social-link-facebook avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on Facebook\" href='https:\/\/www.facebook.com\/sharer.php?u=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/hacker-attack-microsoft-exchange-server&#038;t=Angreifer-attackieren-Microsoft-Exchange-Server' data-av_icon='\ue8f3' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on Facebook'><span class='avia_hidden_link_text'>Share on Facebook<\/span><\/a><\/li><li class='av-share-link av-social-link-twitter avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on X\" href='https:\/\/twitter.com\/share?text=Angreifer-attackieren-Microsoft-Exchange-Server&#038;url=https:\/\/www.robin-data.io\/en\/?p=8483' data-av_icon='\ue932' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on X'><span class='avia_hidden_link_text'>Share on X<\/span><\/a><\/li><li class='av-share-link av-social-link-linkedin avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on LinkedIn\" href='https:\/\/linkedin.com\/shareArticle?mini=true&#038;title=Angreifer-attackieren-Microsoft-Exchange-Server&#038;url=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/hacker-attack-microsoft-exchange-server' data-av_icon='\ue8fc' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on LinkedIn'><span class='avia_hidden_link_text'>Share on LinkedIn<\/span><\/a><\/li><li class='av-share-link av-social-link-mail avia_social_iconfont' ><a  aria-label=\"Share by Mail\" href='mailto:?subject=Angreifer-attackieren-Microsoft-Exchange-Server&#038;body=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/hacker-attack-microsoft-exchange-server' data-av_icon='\ue805' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share by Mail'><span class='avia_hidden_link_text'>Share by Mail<\/span><\/a><\/li><\/ul><\/div><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d\">\n.flex_column.av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d av_one_full  avia-builder-el-47  el_after_av_one_full  avia-builder-el-last  first flex_column_div av-zero-column-padding  column-top-margin'     ><section  class='av_textblock_section av-kaqhth2e-c0ce0e9fc51ca4569850f4a16f47c8e1'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 style=\"text-align: center;\">This might interest you too:<\/h3>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kaqhpdsy-c149d804dc26de4da98e9603962fa194\">\n#top .hr.hr-invisible.av-kaqhpdsy-c149d804dc26de4da98e9603962fa194{\nheight:25px;\n}\n<\/style>\n<div  class='hr av-kaqhpdsy-c149d804dc26de4da98e9603962fa194 hr-invisible  avia-builder-el-49  el_after_av_textblock  el_before_av_blog'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<div  data-slideshow-options=\"{&quot;animation&quot;:&quot;fade&quot;,&quot;autoplay&quot;:false,&quot;loop_autoplay&quot;:&quot;once&quot;,&quot;interval&quot;:5,&quot;loop_manual&quot;:&quot;manual-endless&quot;,&quot;autoplay_stopper&quot;:false,&quot;noNavigation&quot;:false,&quot;show_slide_delay&quot;:90}\" class='avia-content-slider avia-content-grid-active avia-content-slider1 avia-content-slider-odd  avia-builder-el-50  el_after_av_hr  avia-builder-el-last  av-slideshow-ui av-control-default   av-no-slider-navigation av-slideshow-manual av-loop-once av-loop-manual-endless'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Blog\" ><div class=\"avia-content-slider-inner\"><div class=\"slide-entry-wrap\"><article class='slide-entry flex_column  post-entry post-entry-9486 slide-entry-overview slide-loop-1 slide-parity-odd  av_one_third first real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-microsoft-365-office-365-gdpr-compliant-use-in-company' data-rel='slide-1' class='slide-image' title='Microsoft 365: GDPR-compliant use in the company'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"341\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150646\/Tastatur-Microsoft-495x341.jpg\" class=\"wp-image-14087 avia-img-lazy-loading-not-14087 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Microsoft 365: GDPR-compliant use in the company\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-microsoft-365-office-365-gdpr-compliant-use-in-company' title='Microsoft 365: GDPR-compliant use in the company'>Microsoft 365: GDPR-compliant use in the company<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/wiki\" rel=\"tag\">Wiki<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Can Microsoft Office 365 be used in compliance with the GDPR? We show how the configuration complies with data protection.<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-microsoft-365-office-365-gdpr-compliant-use-in-company\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2021-04-13T14:27:51+02:00\" >13 April 2021<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-microsoft-365-office-365-gdpr-compliant-use-in-company#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150646\/Tastatur-Microsoft.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>341<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2021-03-16T21:40:40+01:00\" >2021-04-13 14:27:51<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-03-24 13:38:51<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Microsoft 365: GDPR-compliant use in the company<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-2827 slide-entry-overview slide-loop-2 slide-parity-even  av_one_third  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/data-breach-microsoft-customer-records-exposed' data-rel='slide-1' class='slide-image' title='Data breach Microsoft customer records leaked'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"343\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150407\/Header-Datenpanne-495x343.jpg\" class=\"wp-image-14081 avia-img-lazy-loading-not-14081 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Data breach Microsoft customer data records leaked\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/data-breach-microsoft-customer-records-exposed' title='Data breach Microsoft customer records leaked'>Data breach Microsoft customer records leaked<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/news\" rel=\"tag\">News<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >In December 2019, 250 million support requests to Microsoft were available online for two days. Security researchers reported the data breach to Microsoft.<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/data-breach-microsoft-customer-records-exposed\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2020-01-24T14:20:26+01:00\" >January 24, 2020<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/data-breach-microsoft-customer-records-exposed#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150407\/Header-Datenpanne.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>343<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2021-03-16T21:40:40+01:00\" >2020-01-24 14:20:26<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-01-22 09:17:35<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Data breach Microsoft customer records leaked<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-1123 slide-entry-overview slide-loop-3 slide-parity-odd  post-entry-last  av_one_third  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/data-protection-of-microsoft-office-365-in-the-criticism' data-rel='slide-1' class='slide-image' title='Microsoft Office 365 data protection under criticism'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"341\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150646\/Tastatur-Microsoft-495x341.jpg\" class=\"wp-image-14087 avia-img-lazy-loading-not-14087 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Microsoft Office 365 data protection criticised\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/data-protection-of-microsoft-office-365-in-the-criticism' title='Microsoft Office 365 data protection under criticism'>Microsoft Office 365 data protection under criticism<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/news\" rel=\"tag\">News<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Microsoft Office 365 is questionable from a data protection perspective. Recently, its use in schools has been under criticism. What you need to consider when using it to avoid high data protection risks can be found in the article.<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/data-protection-of-microsoft-office-365-in-the-criticism\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2019-09-23T10:06:17+02:00\" >September 23, 2019<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/data-protection-of-microsoft-office-365-in-the-criticism#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150646\/Tastatur-Microsoft.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>341<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Ulrich Hottelet<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Ulrich Hottelet<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2021-03-16T21:40:40+01:00\" >2019-09-23 10:06:17<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-03-24 13:35:57<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Microsoft Office 365 data protection under criticism<\/span><\/span><\/span><\/article><\/div><\/div><\/div><\/p><\/div>","protected":false},"excerpt":{"rendered":"<p>Attackers are exploiting various vulnerabilities and attacking Microsoft Exchange Server. Read what companies need to do now!<\/p>","protected":false},"author":3,"featured_media":14055,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[41,181],"class_list":["post-8483","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-datensicherheit","tag-microsoft"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.8 (Yoast SEO v26.8) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Angriff auf Microsoft Exchange Server: Was tun? | News<\/title>\n<meta name=\"description\" content=\"Angreifer nutzen verschiedene Sicherheitsl\u00fccken und attackieren Microsoft Exchange Server. Lesen Sie was Unternehmen jetzt tun m\u00fcssen!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/hacker-attack-microsoft-exchange-server\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Angreifer-attackieren-Microsoft-Exchange-Server\" \/>\n<meta property=\"og:description\" content=\"Angreifer nutzen verschiedene Sicherheitsl\u00fccken und attackieren Microsoft Exchange Server. Lesen Sie was Unternehmen jetzt tun m\u00fcssen!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/hacker-attack-microsoft-exchange-server\" \/>\n<meta property=\"og:site_name\" content=\"Robin Data GmbH\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/robindatade\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-16T20:40:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-24T12:38:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"685\" \/>\n\t<meta property=\"og:image:height\" content=\"343\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Caroline Schwabe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@RobinData_DE\" \/>\n<meta name=\"twitter:site\" content=\"@RobinData_DE\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Caroline Schwabe\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server\"},\"author\":{\"name\":\"Caroline Schwabe\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\"},\"headline\":\"Angreifer-attackieren-Microsoft-Exchange-Server\",\"datePublished\":\"2021-03-16T20:40:40+00:00\",\"dateModified\":\"2025-03-24T12:38:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server\"},\"wordCount\":4409,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\",\"keywords\":[\"Datensicherheit\",\"Microsoft\"],\"articleSection\":[\"News\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#respond\"]}]},{\"@type\":[\"WebPage\",\"ItemPage\"],\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server\",\"url\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server\",\"name\":\"Angriff auf Microsoft Exchange Server: Was tun? | News\",\"isPartOf\":{\"@id\":\"https:\/\/www.robin-data.io\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\",\"datePublished\":\"2021-03-16T20:40:40+00:00\",\"dateModified\":\"2025-03-24T12:38:42+00:00\",\"author\":{\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\"},\"description\":\"Angreifer nutzen verschiedene Sicherheitsl\u00fccken und attackieren Microsoft Exchange Server. Lesen Sie was Unternehmen jetzt tun m\u00fcssen!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#primaryimage\",\"url\":\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\",\"contentUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\",\"width\":685,\"height\":343},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/www.robin-data.io\/startseite\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Angreifer-attackieren-Microsoft-Exchange-Server\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.robin-data.io\/#website\",\"url\":\"https:\/\/www.robin-data.io\/\",\"name\":\"Robin Data GmbH\",\"description\":\"Robin Data ComplianceOS\u00ae Das Compliance Operating System\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.robin-data.io\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\",\"name\":\"Caroline Schwabe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g\",\"caption\":\"Caroline Schwabe\"},\"description\":\"Frau Schwabe ist Informationsdesignerin und Datenschutzbeauftragte. Der Schwerpunkt ihrer Arbeit liegt darin, Kunden und Interessenten mit Beitr\u00e4gen in der Robin Data Datenschutz-Akademie weiterzuhelfen.\",\"url\":\"https:\/\/www.robin-data.io\/en\/author\/csc\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Attack on Microsoft Exchange Server: What to do? | News","description":"Attackers are exploiting various vulnerabilities and attacking Microsoft Exchange Server. Read what companies need to do now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/hacker-attack-microsoft-exchange-server","og_locale":"en_GB","og_type":"article","og_title":"Angreifer-attackieren-Microsoft-Exchange-Server","og_description":"Angreifer nutzen verschiedene Sicherheitsl\u00fccken und attackieren Microsoft Exchange Server. Lesen Sie was Unternehmen jetzt tun m\u00fcssen!","og_url":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/hacker-attack-microsoft-exchange-server","og_site_name":"Robin Data GmbH","article_publisher":"https:\/\/www.facebook.com\/robindatade\/","article_published_time":"2021-03-16T20:40:40+00:00","article_modified_time":"2025-03-24T12:38:42+00:00","og_image":[{"width":685,"height":343,"url":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","type":"image\/jpeg"}],"author":"Caroline Schwabe","twitter_card":"summary_large_image","twitter_creator":"@RobinData_DE","twitter_site":"@RobinData_DE","twitter_misc":{"Written by":"Caroline Schwabe"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#article","isPartOf":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server"},"author":{"name":"Caroline Schwabe","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5"},"headline":"Angreifer-attackieren-Microsoft-Exchange-Server","datePublished":"2021-03-16T20:40:40+00:00","dateModified":"2025-03-24T12:38:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server"},"wordCount":4409,"commentCount":0,"image":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#primaryimage"},"thumbnailUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","keywords":["Datensicherheit","Microsoft"],"articleSection":["News"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#respond"]}]},{"@type":["WebPage","ItemPage"],"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server","url":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server","name":"Attack on Microsoft Exchange Server: What to do? | News","isPartOf":{"@id":"https:\/\/www.robin-data.io\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#primaryimage"},"image":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#primaryimage"},"thumbnailUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","datePublished":"2021-03-16T20:40:40+00:00","dateModified":"2025-03-24T12:38:42+00:00","author":{"@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5"},"description":"Attackers are exploiting various vulnerabilities and attacking Microsoft Exchange Server. Read what companies need to do now!","breadcrumb":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#primaryimage","url":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","contentUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","width":685,"height":343},{"@type":"BreadcrumbList","@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/angreifer-attackieren-microsoft-exchange-server#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.robin-data.io\/startseite"},{"@type":"ListItem","position":2,"name":"Angreifer-attackieren-Microsoft-Exchange-Server"}]},{"@type":"WebSite","@id":"https:\/\/www.robin-data.io\/#website","url":"https:\/\/www.robin-data.io\/","name":"Robin Data GmbH","description":"Robin Data ComplianceOS\u00ae The Compliance Operating System","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.robin-data.io\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5","name":"Caroline Schwabe","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g","caption":"Caroline Schwabe"},"description":"Ms. Schwabe is an information designer and Data Protection Officer. The focus of her work is to help customers and interested parties with contributions to the Robin Data Privacy Academy.","url":"https:\/\/www.robin-data.io\/en\/author\/csc"}]}},"_links":{"self":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/8483","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/comments?post=8483"}],"version-history":[{"count":44,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/8483\/revisions"}],"predecessor-version":[{"id":9561,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/8483\/revisions\/9561"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/media\/14055"}],"wp:attachment":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/media?parent=8483"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/categories?post=8483"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/tags?post=8483"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}