We were using an Azure machine for an integration between MS CRM and MS ERP, and we were paying about $500 to $1,000 monthly. Suddenly we received an invoice of $200,000 for 15 days of consumption; our consumption increased about 100,000% without any notification, email, or approval from the partner or MS.
Then we had one technical meeting with the partner team, and they informed us that our account was compromised, without explaining how it happened, only that MFA was not active. We were unable to activate MFA because I was using the account as an integration account. The partner said he would raise a ticket with the MS billing team, and after almost 6 months the partner came to us with the invoice and asked us to pay it, saying MS had rejected the request. When we asked him about the communication, he shared with us only a technical ticket about the fraud activity: no ticket with the billing team, no communication with MS at all.
And he said, "I know it's not fair, but you need to pay it." I requested that he raise a technical ticket to discuss with MS some points in the log file they shared with us. He did not accept and said they had already raised one before (on which I was not in the loop). After a fight with him, he finally raised one ticket after 2 months of requests, and we had the discussion with a technical person from MS. We had some inquiries about the log file, and he said the log file is abnormal and the activity is fraud activity. Then I asked the partner to escalate the ticket to the billing team or fraud team. The partner told me that there is nothing called a fraud team, that they will not escalate anything again, and that we need to pay. My questions here:
- How am I supposed to pay this huge amount, which I did not consume and which may close my business?
- Until now, I do not know what my security-related mistake was.
- How can I secure an integration account between MS CRM & ERP ("MS Package")?
- If MFA is that important, and without it anyone can hack the account, why is it not mandatory?
- Why is it so hard to communicate with or reach anyone from MS to solve the problem?
- What is the role and the responsibility of the partner? "Only collect the money"?
- I did not receive any email or warning about a weakness in my security, so how am I responsible?
- The log file timestamps show a resource being created every 1 second or less in different countries. How did MS not stop it, as it's clearly fraud?
- How can I reach anyone from MS fraud, or anyone who handles this kind of case, as the partner is not helping me?