Outlook: Additional features on the profile card in Outlook Mobile

🚨 The Signal: Outlook Mobile profile cards now display reachability, hybrid location, and read-only pronouns. This increases user information visibility, potentially impacting privacy and social engineering risk.

The Impact

All users are affected by increased personal data visibility, posing a minor risk of privacy concerns or targeted social engineering.

• End users: More personal data visible, increasing privacy awareness needs.
• Security team: Potential for minor social engineering risk due to location/reachability data.
• Privacy officers: Review of data visibility against existing privacy policies is advised.

The Action

1. Review existing privacy policies regarding the display of user pronouns, location, and reachability.
2. Communicate to users about the new information visible on profile cards in Outlook Mobile.
3. Educate users on the potential implications of sharing this information, particularly regarding social engineering.

Domain: M365-Apps · Impact: low · Workload: M365 Apps