Summary: Widespread account lockouts affecting multiple organizations are being reported due to false positives triggered by Microsoft’s new Entra ID feature, the MACE Credential Revocation app. Despite accounts being secured with unique passwords and multi-factor authentication, admins are noting that many accounts were erroneously locked out without signs of compromise. Microsoft attributes these issues to an error in the rollout of the MACE application, which is intended to detect leaked credentials.
Affected: Microsoft Entra ID, organizations using the service
Keypoints :
- Numerous Windows administrators report false positives leading to account lockouts due to MACE Credential Revocation app.
- Locked accounts had unique passwords and MFA with no signs of compromise detected.
- Microsoft acknowledged the issue as a problem with the rollout but has not publicly confirmed specific details.