American Airlines Breach Explained | How did American Airlines O365 get hacked? #CISOlife

A #CISOlife overview of the public information of the recent American Airlines breach by Brian Haugli, CEO, SideChannel.    

Brian presents an explanation and walk through of how an O365 tenant can be hacked where legacy authentication methods are still available; specifically with IMAP.  

The info released so far shows a series of steps:

American Airlines has a breach of O365 
Still using legacy protocol IMAP 
Microsoft instructs to remove legacy protocols 
Attacker can pull down all emails 
Steps to stop this attack