Question OneDrive Security Issues (data breach & theft of work)

Feb 24, 2025
I run a side-hustle doing creative design work and store my files on OneDrive. About a year ago there was a breach but I don't know what was downloaded, I just get notification of a sign-in from a different country. I changed passwords, email addresses etc and turned on 2FA and also use the MS Authenticator App. A few months after this copies of my work started appearing on AliExpress so I guess it was a Chinese hack and they managed to download at least some of my work and just basically stole it.

I get lots of attempted logins from outside of where I live (in the UK). Is there a way to restrict log-ins from outside my own country? There must be a way to check the IP of a log-in request and restrict it to UK-only IPs? I know a VPN would get around this, but looking at the log-in attempts, there are multiple every day from outside the UK so restricting logins to UK IPs only would at least help!

Also any other ways to improve security? I've got 2FA turned on, change passwords regularly and have the MS Authenticator App on my phone, but is there anything else I can do?
 
Pre-encrypt all your files BEFORE uploading to OneDrive. Use 7-zip to create encrypted files and have THOSE uploaded.
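
One way to follow the pre-encryption advice above on Windows, as an added example that is not part of the original thread. It assumes 7-Zip is installed in its default location, and the work folder and the `Encrypted` subfolder are hypothetical names; the archive is built and tested outside OneDrive so only the finished encrypted file is ever synced.

```powershell
# Added example: encrypt a work folder with 7-Zip, then move only the archive into OneDrive.
# Assumptions (not from the thread): default 7-Zip install path, hypothetical folder names.
$SevenZip = 'C:\Program Files\7-Zip\7z.exe'
$Source   = 'C:\DesignWork\ClientA'      # hypothetical plaintext folder, kept OUTSIDE OneDrive

if (-not $env:OneDrive)         { throw 'OneDrive folder variable is not set on this machine.' }
if (-not (Test-Path $SevenZip)) { throw "7z.exe not found at $SevenZip" }
if (-not (Test-Path $Source))   { throw "Source folder not found: $Source" }

# Refuse to run if the plaintext already lives inside the synced folder,
# because then the unencrypted copies are uploaded anyway.
$srcFull = (Resolve-Path $Source).Path
$odRoot  = (Resolve-Path $env:OneDrive).Path.TrimEnd('\') + '\'
if (($srcFull + '\').StartsWith($odRoot, [StringComparison]::OrdinalIgnoreCase)) {
    throw 'Source is inside OneDrive; move the plaintext out of the synced folder first.'
}

$DestDir = Join-Path $env:OneDrive 'Encrypted'   # hypothetical subfolder name
New-Item -ItemType Directory -Force -Path $DestDir | Out-Null

$name  = '{0}-{1}.7z' -f (Split-Path $Source -Leaf), (Get-Date -Format 'yyyyMMdd-HHmmss')
$temp  = Join-Path $env:TEMP $name       # build here so no partial file is synced
$final = Join-Path $DestDir $name

# -p with no value makes 7-Zip prompt for the password, so it never appears
# on the command line or in shell history.
# -mhe=on also encrypts the archive headers, which hides the file names.
& $SevenZip @('a', '-t7z', '-mhe=on', '-p', $temp, $Source)
if ($LASTEXITCODE -ne 0) { throw "7-Zip failed to create the archive (exit code $LASTEXITCODE)." }

# Test the archive (prompts for the password again) before trusting it as the cloud copy.
& $SevenZip @('t', '-p', $temp)
if ($LASTEXITCODE -ne 0) {
    Remove-Item $temp -ErrorAction SilentlyContinue
    throw 'Archive failed its integrity test; nothing was moved to OneDrive.'
}

Move-Item -Path $temp -Destination $final
Write-Host "Encrypted archive ready for sync: $final"
```

The archive password should be a long, unique one stored in a password manager, since losing it means losing access to the archive contents.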
 
Once they have your primary login name (your email is the primary alias), they can try logging into your account forever; see https://account.live.com/names/manage to reduce the number. You should make sure you have 1) 2FA (you already have), 2) strong and unique password. Ignore all unsuccessful logins; Google doesn't even bother showing this to its users.

You can increase the chance of account recovery by using an email and phone number that are used for recovering important accounts only. Don't give the email or the phone number to anyone/any other service, which will mitigate attacks on them.

Use passkeys extensively and resort to the password only for recovery, if necessary.

If you don't use a password manager, consider using one to allow using strong and unique passwords.