![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 57.99999999999999%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELM%3C/text%3E%3C/svg%3E)
2,147 questions
If you suspect that your Azure Tenant ID has been compromised, you should take immediate action to protect your account and data. One of the first steps you can take is to change the credentials for tenant admins and RBAC access on Azure Subscriptions, as well as follow the password guidance and ensure that all tenant admins and RBAC owners have MFA registered and enforced. You can also review which users, tenants, and subscriptions are at risk within the Azure portal and investigate the risk by going to Microsoft Entra ID to review Identity Protection's Risk Reports. Additionally, you can block the IP address of the attacker, enable MFA if it isn't already done, and enable Identity Protection for the user risk and sign-in risk.
Regarding whether telling a third party the Tenant ID for your Azure/Entra tenant will make it possible for them to access your tenant and the accounts of your users, it is unlikely. The Tenant ID is a unique identifier for your tenant, but it is not a secret. It is used to identify your tenant when you sign up for Azure and to access resources within your tenant. However, it is important to keep your credentials and RBAC access secure, as these can provide access to sensitive data and resources.
References:
