Hackers compromised Microsoft support to access email accounts

Donna Miller
April 16, 2019

The company has not confirmed the number of accounts, in total, affected by the breach.

A hacker or group of hackers gained access to a customer support account for Microsoft, from which they then got access to information on customer accounts, including whom they communicated with. Microsoft notified users that hackers may have had able to access information about their accounts - including their email address, email subject lines, and frequent contacts - but not the contents of any messages or attachments, according to TechCrunch.

The technology giant said a "limited" number of accounts had been affected by the breach, but confirmed around 6% of those involved may have seen the content of their e-mails become accessible to the attackers.

Making matters worse was the fact that the company only admitted this after it was presented with screenshot evidence.

Microsoft said in a statement: "We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access".

Huawei P30 Pro to goes on sale on this date, read on
The company has rapidly caught up with Apple and Samsung, overtaking the former in terms of overall market share previous year . The new P30 Pro and P30 Lite were unveiled at an event at Delhi's Taj Palace hotel earlier this week.

Additionally, the source claims hackers were able to access the emails for at least six months-twice the amount of time Microsoft claims-though the company denies this is true.

Although Microsoft asserted that login details and personal information had not been stolen, it warned recipients of its email to be extra-vigilant over potential phishing attempts.

Microsoft stated that the content of emails and login credentials were not compromised in the data breach, but still recommended that affected users change their passwords.

Microsoft clarified that this "affected a limited subset of consumer accounts" and that the malicious activity began at the start of January 2019 and ran through to nearly the end of March, so essentially lasted three months. Out of an abundance of caution, however, customers whose inboxes were left exposed to the intruder will be getting additional "detection and monitoring" on their email accounts.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER