by dustinmoris 1553 days ago
Wow that is CREEPY AF and very very scary. This is an instant reason to never use Windows because I'd be so scared that I'd leak personal/private data to other people's computers. The really fucking scary thing is that even we both as power users who understand computers, the internet and how things work are even extremely vulnerable to those hostile dark patterns in Windows that less tech savvy family members would be absolute prey to those Microsoft hyenas. There is NO WAY that anyone in my family will ever use a Windows or Microsoft device. It will be iPhones and Macs for them for the rest of their lives.
2 comments

I obviously did not find it amusing.

I had my young son with me at the time so I didn't investigate it further. What would I have seen if I clicked the More > button in the Start Menu - would there have been more leakage? Have I logged into my work account on my personal PC at some point? Why did it only show the OneNote file but not any others? What happened if I actually clicked it and tried to open it? Did I simply make a mistake when using multiple accounts in one OS?

There are numerous questions I am asking myself that I don't have an answer for yet.

As far as I can see, I have removed all traces of my personal account off my work laptop now but I am hoping (not sure this is the correct wording in this context) that I can still see the file in my Recommended Section when I get home.

I really would like to know exactly how it can happen.

If you take infosec seriously that should be an immediate reason to ban OneNote, IMHO. Because if you are not trying to, MS will just spill company data to your private accounts for you!
It’s not just OneNote. They are absolutely confused, as an organisation, about accounts, data privacy and data security.

I can’t, in theory, access my work’s OneDrive from my personal machines, due to a required SSO on top of Microsoft’s, and a VPN requirement. But somehow there are some of my personal files in my work’s OneDrive.

I don’t know how this happened. I can’t log into our VPN as it’s machine-locked (it checks before allowing you on) and therefore OneDrive is supposed to stop me accessing it.

I keep getting emails from Microsoft about an Azure Enterprise agreement that they have decided I have power over, along with a group of people from a random company that I’m not related to in any way. Someone did a typo and included me by accident? Not likely as I have an email address that’s difficult to accidentally use via typo.

Microsoft are taking people’s responses to the group as authorised instructions as to what to do with their enterprise agreement. I’ve responded several times and said I am not related but they keep emailing about it. I know a lot about that company’s people, structure and agreements with Microsoft now!

"emails from Microsoft about an Azure Enterprise agreement" == phishing
They're really not. It's a real person at Microsoft, and they don't know how to fix it.