Researchers at Guardicore discovered a vulnerability in Microsoft Outlook which can leak your email credentials if your email server is misconfigured.
In the researchers blog post it goes into detail on how they discovered this flaw and what information it could potentially leak about your employees.
To resolve this vulnerability in your organization you can utilize firewalls to block outbound connections to any autodiscover.* domains as detailed in the researcher’s blog post.