{"id":48882,"date":"2022-10-14T15:13:57","date_gmt":"2022-10-14T15:13:57","guid":{"rendered":"https:\/\/www.darkreading.com\/application-security\/microsoft-365-message-encryption-can-leak-sensitive-info"},"modified":"2022-10-14T15:13:57","modified_gmt":"2022-10-14T15:13:57","slug":"microsoft-365-message-encryption-can-leak-sensitive-info","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/","title":{"rendered":"Microsoft 365 Message Encryption Can Leak Sensitive Info"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltfc53363e94eb92bf\/628feacf310f05772324320d\/Chain_Andrey_Kryuchkov_Alamy.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers have discovered what they call a vulnerability in Microsoft 365, tied to the use of a broken or risky cryptographic algorithm. It could be exploited to infer some or all the content of encrypted email messages, they warned \u2014 but Microsoft has declined to address the issue.<\/p>\n<p>Third-party researchers tell Dark Reading that the real-world risk from the issue depends on an organization&#8217;s profile.&nbsp;<\/p>\n<h2 class=\"regular-text\">A Flawed Crypto Approach<\/h2>\n<p>Microsoft 365 (formerly Office 365) offers a method of sending encrypted messages (Office 365 Message Encryption, or OME) using Electronic Codebook (ECB), a mode of operation known to expose certain structural information about messages.<\/p>\n<p>WithSecure principal security consultant Harry Sintonen wrote in <a href=\"https:\/\/labs.withsecure.com\/advisories\/microsoft-office-365-message-encryption-insecure-mode-of-operation\" target=\"_self\" rel=\"noopener\">an Oct. 14 posting<\/a> that if an attacker had access to enough emails using OME, it&#8217;s possible to access leaked information by analyzing the frequency of repeating patterns in individual messages and then matching those patterns with those in other encrypted emails and files.<\/p>\n<p>&#8220;This could impact anyone using OME, if the attachment in question has the properties that make it decipherable in this way,&#8221; he tells Dark Reading. &#8220;Of course, for the extraction to be possible, the adversary first needs to get access to the actual encrypted email message.&#8221;<\/p>\n<p>Sintonen explains that even if the files did not have a larger structure that could directly be revealed, there is still possibility of fingerprinting files.<\/p>\n<p>&#8220;If a file has some repeating blocks, you could construct a fingerprint from the relation of these repeating blocks,&#8221; he says. &#8220;You can then scan the encrypted email messages for these fingerprints. If found, you know that this email message included the specific file.&#8221;<\/p>\n<p>He adds that it&#8217;s also possible to leverage artificial intelligence (AI) to find similar fingerprints to find content that is related, perhaps part of a set of similar files. <\/p>\n<h2 class=\"regular-text\">Microsoft: No Fix Forthcoming<\/h2>\n<p>In January 2022, Sintonen shared his research findings with Microsoft. Microsoft acknowledged the problem and compensated Sintonen as part of its vulnerability rewards program but decided against fixing it.<\/p>\n<p>&#8220;The report was not considered meeting the bar for security servicing, nor is it considered a breach,&#8221; the computing giant responded. &#8220;No code change was made and so no CVE was issued for this report.&#8221;<\/p>\n<p>Bud Broomhead, CEO at Viakoo, a provider of automated IoT cyber-hygiene, says he thinks Microsoft choosing not to fix it either means that there is a new message encryption capability soon to be released, or that the &#8220;fix&#8221; would need to be a complete rewrite of this capability.<\/p>\n<p>&#8220;It could also be that usage of this feature [is] of low enough or limited enough that Microsoft would decline to fix it,&#8221; he adds. &#8220;Even if Microsoft declines to fix this, it should at least remove or restrict the use of message encryption within Office 365 until a better solution is available to users.&#8221;<\/p>\n<p>And indeed, companies can mitigate the problem by not using the OME feature \u2014 but even that does not eliminate the risk entirely.<\/p>\n<p>&#8220;If they have been using OME encryption and this issue is determined to be a problem, they have no other recourse than ceasing to use the problematic service \u2014 OME \u2014 and replace it with another, secure solution,&#8221; Sintonen says. <\/p>\n<p>This, however, doesn\u2019t remedy the fact that large amounts of poorly encrypted email messages may linger in various parts of the Internet and could be analyzed by actors who gain access to them.<\/p>\n<h2 class=\"regular-text\">Senders, Recipients at Risk?<\/h2>\n<p>Broomhead notes that for many years the fear has been that encrypted data that was previously exfiltrated may <a href=\"https:\/\/www.darkreading.com\/emerging-tech\/alarm-bells-post-quantum-crypto-cracking\" target=\"_self\" rel=\"noopener\">someday be decrypted<\/a> and exploited.<\/p>\n<p>&#8220;For threat actors who have harvested large amounts of encrypted <a href=\"https:\/\/www.darkreading.com\/remote-workforce\/microsoft-office-365-users-raging-spate-attacks\" target=\"_self\" rel=\"noopener\">Microsoft Office 365<\/a> email messages, that day may be today,&#8221; he says, adding that he thinks it&#8217;s clearly &#8220;a bug of high severity.&#8221;<\/p>\n<p>&#8220;Both senders and recipients are at risk \u2014 especially with people outside the organization, the desire to use encryption may have been to protect trade or other organizational secrets,&#8221; Broomhead says.<\/p>\n<p>That said, the need to have a large number of encrypted emails to use this vulnerability narrows the victimology \u2014 by definition it would be larger organizations who felt the need to encrypt large numbers of email messages. And, highly sensitive information usually already has additional layers of data protection, Mike Parkin, senior technical engineer at Vulcan Cyber, points out.<\/p>\n<p>&#8220;Those who require truly secure email have other options they can use,&#8221; Parkin says. &#8220;For example, using GPG encryption and sending the encrypted message as an attachment.&#8221;<\/p>\n<p>He says that as a result, most business users won&#8217;t be affected by the level of data leakage here, unless they are in the habit of sending highly sensitive, and time sensitive, information through Microsoft 365. <\/p>\n<p>&#8220;It&#8217;s sufficient to keep most expected threats at bay but wouldn&#8217;t be adequate versus a well-resourced state or state-sponsored threat actor,&#8221; he says. &#8220;High-value communications require highly secure cryptographic algorithms and protocols. In practice, the encryption[s] available in Office 365 are enough for most users.&#8221;<\/p>\n<p>On the flip side, Parkin notes that people can come to rely on basic encryption keeping their information safe, and anything that gives a potential threat actor insight into that secure communication is problematic.<\/p>\n<p>&#8220;Ideally, encrypted traffic shouldn&#8217;t reveal anything about the contents of the message beyond the sender and receiver information required to get it point to point,&#8221; he says. <\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/application-security\/microsoft-365-message-encryption-can-leak-sensitive-info\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The default email encryption used in Microsoft Office&#8217;s cloud version is leaky, which the company acknowledged but said it wouldn&#8217;t fix.Read More <a href=\"https:\/\/www.darkreading.com\/application-security\/microsoft-365-message-encryption-can-leak-sensitive-info\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-48882","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft 365 Message Encryption Can Leak Sensitive Info 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft 365 Message Encryption Can Leak Sensitive Info 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-10-14T15:13:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltfc53363e94eb92bf\/628feacf310f05772324320d\/Chain_Andrey_Kryuchkov_Alamy.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft 365 Message Encryption Can Leak Sensitive Info\",\"datePublished\":\"2022-10-14T15:13:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/\"},\"wordCount\":891,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltfc53363e94eb92bf\\\/628feacf310f05772324320d\\\/Chain_Andrey_Kryuchkov_Alamy.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/\",\"name\":\"Microsoft 365 Message Encryption Can Leak Sensitive Info 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltfc53363e94eb92bf\\\/628feacf310f05772324320d\\\/Chain_Andrey_Kryuchkov_Alamy.jpg\",\"datePublished\":\"2022-10-14T15:13:57+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltfc53363e94eb92bf\\\/628feacf310f05772324320d\\\/Chain_Andrey_Kryuchkov_Alamy.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltfc53363e94eb92bf\\\/628feacf310f05772324320d\\\/Chain_Andrey_Kryuchkov_Alamy.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-365-message-encryption-can-leak-sensitive-info\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft 365 Message Encryption Can Leak Sensitive Info\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft 365 Message Encryption Can Leak Sensitive Info 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft 365 Message Encryption Can Leak Sensitive Info 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-10-14T15:13:57+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltfc53363e94eb92bf\/628feacf310f05772324320d\/Chain_Andrey_Kryuchkov_Alamy.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft 365 Message Encryption Can Leak Sensitive Info","datePublished":"2022-10-14T15:13:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/"},"wordCount":891,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltfc53363e94eb92bf\/628feacf310f05772324320d\/Chain_Andrey_Kryuchkov_Alamy.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/","name":"Microsoft 365 Message Encryption Can Leak Sensitive Info 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltfc53363e94eb92bf\/628feacf310f05772324320d\/Chain_Andrey_Kryuchkov_Alamy.jpg","datePublished":"2022-10-14T15:13:57+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltfc53363e94eb92bf\/628feacf310f05772324320d\/Chain_Andrey_Kryuchkov_Alamy.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltfc53363e94eb92bf\/628feacf310f05772324320d\/Chain_Andrey_Kryuchkov_Alamy.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-365-message-encryption-can-leak-sensitive-info\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft 365 Message Encryption Can Leak Sensitive Info"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48882","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=48882"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48882\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=48882"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=48882"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=48882"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}