{"id":39023,"date":"2021-01-06T17:00:09","date_gmt":"2021-01-06T17:00:09","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=92504"},"modified":"2021-01-06T17:00:09","modified_gmt":"2021-01-06T17:00:09","slug":"privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/","title":{"rendered":"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact"},"content":{"rendered":"

GDPR, HIPPA, GLBA, all 50 U.S. States, and many countries have privacy breach reporting requirements. If an organization experiences a breach of customer or employee personal information, they must report it within the required time frame. The size and scope of this reporting effort can be massive. Using Microsoft 365 Advanced Audit and Advanced eDiscovery to better understand the scope of the breach can minimize the burden on customers as well as the financial and reputational cost to the organization.<\/p>\n

A changing privacy landscape<\/h2>\n

In 2005 ChoicePoint, a Georgia-based financial data aggregator had a data breach of 145,000 of its customers<\/a>. There were multiple security lapses and resulting penalties, but initially, only ChoicePoint\u2019s California-based customers were required to be notified because, at the time, California, with California Senate Bill 1386<\/a>, was the only state that had a mandatory privacy breach notification law.<\/p>\n

Since that time, all 50 U.S. States have put in place mandatory privacy breach notification laws<\/a>. Countries in the Americas, the Middle East, Europe, and Asia have adopted privacy standards including mandatory breach notification. Broader regulations that address this issue include California Consumer Privacy Act, China\u2019s Personal Information Security Specification, Brazil\u2019s Lei Geral de Prote\u00e7\u00e3o de Dados Pessoais (LGPD), and the European General Data Protection Regulation (GDPR). Given how often these laws are added or updated, it\u2019s challenging for any organization to keep up. As one solution, Microsoft 365 Compliance Manager<\/a> provides a set of continually updated assessments (174 and growing<\/a>) to assist our customers with these standards.<\/p>\n

A board-level business risk<\/h2>\n

The reputational and financial risk to a company from a privacy breach can be massive. For example, under California Civil Code 1798.80, which deals with the breach of personal health information, there is a penalty of up to $25,000 per patient record breached. For many standards, there are not only regulatory penalties imposed, but also the right of private action by those whose records have been breached (such as, those who have had their records breached can sue for damages, creating financial liability for a company beyond the regulatory penalties).<\/p>\n

There are timeframes under which notification must be made. The California Code requires notification to the regulator within 15 days after unauthorized disclosure is detected. Article 33 of GDPR requires notification to the regulator within 72 hours after the organization becomes aware of the breach.<\/p>\n

According to a list compiled by the Infosec Institute<\/a>, the average cost of a data breach in 2019 was $3.9 million but can range as high as $2 billion in cases like the Equifax breach of 2017.<\/p>\n

The reputational damage associated with a breach of customer, employee, or other stakeholders\u2019 personal or business information can substantially reduce a company\u2019s value.<\/p>\n

The scope of notification (if any is needed at all) and remediation depends on understanding the scope of the breach in a timely fashion. In the absence of reliable information, companies need to make worst-case assumptions that may result in larger notifications, higher costs, and unnecessary hardship for customers and other stakeholders.<\/p>\n

<\/p>\n

Preparation for breach<\/h2>\n

As security and compliance professionals, our priority is to avoid breaches with a defense in depth strategy including Zero Trust architecture<\/a>.<\/p>\n

Microsoft has comprehensive security solutions for Microsoft 365, as well as compliance and risk management solutions that enable our compliance pillar framework:<\/p>\n

<\/p>\n

But we also must prepare for breaches even as we defend against them. Part of that preparation is putting our organization in a position to scope a breach and limit its impact. This means ensuring we have the data governance and signal in place before the breach happens. Security professionals know that they have to deploy solutions like Data Loss Prevention, firewalls, and encryption to defend against attacks, but they may not focus as much on having the right audit data available and retained, and visualizations and playbooks in place beforehand to scope a future breach.<\/p>\n

Use Microsoft 365 Advanced Audit and Advanced eDiscovery to investigate compromised accounts<\/h2>\n

The Microsoft 365 Advanced Audit solution makes a range of data available that is focused on what will be useful to respond to crucial events and forensic investigations. It retains this data for one year (rather than the standard 90-day retention), with an option to extend the retention to ten years. This keeps the audit logs available to long-running investigations and to respond to regulatory and legal obligations.<\/p>\n

These crucial events can help you investigate possible breaches and determine the scope of compromise. Advanced Audit provides the following crucial events:<\/p>\n

There are built-in default alert policies<\/a> that use the Advanced Audit data to provide situational awareness either through Microsoft 365\u2019s own security and compliance portal, through Microsoft\u2019s Azure Sentinel<\/a> cloud-native SIEM, or through a customer\u2019s third-party SIEM. A customer can create customized alerts to use the audit data as well.<\/p>\n

Let\u2019s look at how a customer might use Advanced Audit to investigate a compromised account<\/a> and scope the extent of a data breach:<\/p>\n

In an account takeover, an attacker uses a compromised user account to gain access and operate as a user. The attacker may or may not have intended to access the user\u2019s email. If they intend to access the user\u2019s email, they may or may not have had the chance to do so. This is especially true if the defense in-depth and situational awareness discussed above is in place. The attack may have been detected, password changed, account locked, and more.<\/p>\n

If the user\u2019s email has confidential information of customers or other stakeholders, we need to know if this email was accessed. We need to separate legitimate access by the mailbox owner during the account takeover from access by the attacker.<\/p>\n

With Advanced Audit, we have this ability. Without it, a customer will have to assume all information in the user\u2019s mailbox is now in the hands of the attacker and proceed with reporting and remediation on this basis.<\/p>\n

The MailItemsAccessed<\/a> audit data item will indicate if a mailbox item has been accessed by a mail protocol. It covers mail accessed by both sync and bind. In the case of sync access, the mail was accessed by a desktop version of the Outlook client for Windows or Mac. In bind access, the InternetMessageId<\/a> of the individual message will be recorded in the audit record.<\/p>\n

We have the ability to forensically analyze mail access via a desktop client or via Outlook Web Access.<\/p>\n

<\/p>\n

We also need to differentiate between the mailbox owner\u2019s legitimate access to a mail item during the attack time period and access by the attacker. We can do this by examining the audit records<\/a> to see the context of the access, including the session ID and IP address used for access. We match these with other audit records and known good access by the user.<\/p>\n

Advanced Audit retains other events like Teams Joins, File Accessed, Messages Sent, Searches Queries, and many others<\/a> that can support a breach analysis.<\/p>\n

When we\u2019ve properly scoped the data that the attacker has had access to, we want to deep dive and inspect the content.<\/p>\n

With Advanced eDiscovery we can collect all emails, documents, Microsoft Teams, and Yammer interactions of the account that was taken over. We can search for confidential information and metadata to identify the material in question:<\/p>\n

<\/p>\n

There is metadata for each item which, for emails, includes InternetMessageID<\/a> as well as many other items such as from, to, and when it was sent, and any Microsoft Information Protection sensitivity label<\/a>.<\/p>\n

Advanced Audit and Advanced eDiscovery are an important part of an effective security risk and compliance strategy. These Microsoft 365 native tools allow our customers to understand the true scope of a breach. It has the potential to substantially reduce or eliminate the reporting requirements stemming from a compromised account. Advanced Audit can reduce the financial and reputational damage to a company, its customers, employees, partners, and other stakeholders.<\/p>\n

To learn more about Microsoft Security solutions visit our website<\/a>. Bookmark the Security blog<\/a> to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity<\/a> for the latest news and updates on cybersecurity.<\/p>\n

\n

This document is provided \u201cas-is.\u201d Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. This document is not intended to communicate legal advice or a legal or regulatory compliance opinion. Each customer\u2019s situation is unique, and legal and regulatory compliance should be assessed in consultation with their legal counsel.<\/em><\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

GDPR, HIPPA, GLBA, all 50 U.S. States, and many countries have privacy breach reporting requirements. If an organization experiences a breach of relevant regulatory information, they must report it within the required time frame. The size and scope of this reporting effort can be massive. Using Microsoft 365 Advanced Audit and Advanced eDiscovery to better understand the scope of the breach can minimize the burden on customers as well as the financial and reputational cost to the organization.
\nThe post Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact appeared first on Microsoft Security. READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":39024,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[941,347,6420,1064,1065],"class_list":["post-39023","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-compliance","tag-cybersecurity","tag-microsoft-365","tag-security-intelligence","tag-security-response"],"yoast_head":"\nPrivacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-06T17:00:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1261\" \/>\n\t<meta property=\"og:image:height\" content=\"526\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact\",\"datePublished\":\"2021-01-06T17:00:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/\"},\"wordCount\":1426,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png\",\"keywords\":[\"compliance\",\"Cybersecurity\",\"Microsoft 365\",\"Security Intelligence\",\"Security Response\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/\",\"name\":\"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png\",\"datePublished\":\"2021-01-06T17:00:09+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png\",\"width\":1261,\"height\":526},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"compliance\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/compliance\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/","og_locale":"en_US","og_type":"article","og_title":"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-01-06T17:00:09+00:00","og_image":[{"width":1261,"height":526,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact","datePublished":"2021-01-06T17:00:09+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/"},"wordCount":1426,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png","keywords":["compliance","Cybersecurity","Microsoft 365","Security Intelligence","Security Response"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/","url":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/","name":"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png","datePublished":"2021-01-06T17:00:09+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact.png","width":1261,"height":526},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/privacy-breaches-using-microsoft-365-advanced-audit-and-advanced-ediscovery-to-minimize-impact\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"compliance","item":"https:\/\/www.threatshub.org\/blog\/tag\/compliance\/"},{"@type":"ListItem","position":3,"name":"Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39023","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=39023"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39023\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/39024"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=39023"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=39023"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=39023"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}