Outlook and Hotmail users left exposed in Microsoft email breach

Microsoft Says Hackers Had Access to Some

Microsoft support agent's email hacked, customer emails compromised

Although the source claims this went on for at least six months, Microsoft says the hackers had access from January 1st to March 28th.

Microsoft has confirmed that some of its e-mail services have been breached by hackers, with the contents of some user e-mails exposed by the attack.

As TechCrunch and Motherboard report, an email sent out by Microsoft late last week explains that access to its system was gained through compromised Microsoft support agent credentials.

An unknown number of Microsoft Corp. email account users, including those using Outlook and Hotmail, may have had details of emails stolen in a hack that lasted from January 1 to March 28.

"This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments", Microsoft said (emphasis is ours).

Microsoft's Outlook hack is worse than the company originally warned.

SpaceX's Falcon Heavy conducts first commercial flight
Two of the boosters landed in Cape Canaveral in Florida and the third booster landed on an off-shore drone ship. Update April 10th, 7:30PM ET: SpaceX delayed the launch to Thursday, April 11th due to high winds .

But according to the cited source, hackers were able to gain "full access to email content", as the compromised account had high privileges.

Microsoft operates e-mail services including Outlook, MSN and Hotmail. Enterprise users were unaffected.

Even though the software giant ensures that no login details or other personal information were stolen by the hackers, the company is recommending that affected users reset their passwords.

"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access", a Microsoft spokesperson said.

Microsoft did not respond to multiple requests for additional comment. Out of an abundance of caution, we also increased detection and monitoring to further protect affected accounts. In a blog post from April, Microsoft said that it saw an average of 300,000 phishing attempts in February alone.

Latest News