Microsoft Reveals Email Breach, Says Hackers Accessed User Data

[The AchieVer]

Microsoft Reveals Email Breach, Says Hackers Accessed User Data

 

Microsoft has just revealed that it suffered a breach earlier this year and hackers were able to access certain user email information.

In an email sent to impacted users and obtained by TechCrunch, Microsoft explains that a malicious actor managed to compromise the credentials of a Microsoft support agent.

This allowed individuals not working for Microsoft to access information stored in Microsoft email accounts (@outlook.com, @hotmail.com, @msn.com), and according to the cited source, businesses weren’t affected.

The information exposed to hackers includes email addresses, folder names, subject lines of emails, names of other email addresses that users communicate with. No email content or attachments were exposed to hackers, Microsoft claims.

The unauthorized access was recorded between January 1, 2019 and March 28, 2019, Microsoft says, but the company hasn’t provided any specifics as to how the hackers managed to compromise the credentials of the support agent.Passwords not exposedThe software giant says it immediately disabled the compromised account once it detected the breach.

“Upon awareness of this issue, Microsoft immediately disabled the compromised credentials, prohibiting their use for any further unauthorized access. Our data indicates that account-related information (but not the content of any e-mails) could have been viewed, but Microsoft has no indication why that information was viewed or how it may have been used,” the firm says in the email sent to affected users.

Microsoft now warns of an increasing number of phishing emails that could be sent to users, and it recommends everyone to reset passwords. However, it’s important to know that passwords weren’t exposed to hackers, albeit Microsoft says it’s better to change them “out of caution.”

For now, it’s not yet known how many users were exposed, but as per the cited source, there’s a chance at least some are based in Europe.

You can read the full email below, and for additional information and assistance, you can reach out to the company’s Incident Response Team at [email protected].

 

 

 

Source

[The AchieVer]

Your Emails May Have Been Compromised: Microsoft Warns Users of Cyber Attack

In an email notification to some affected users, Microsoft said it became aware of an issue involving unauthorised access to some customers' email accounts by cyber criminals.

San Francisco: Microsoft has alerted some of its webmail users of possible hacker attacks that could access their email accounts illegally, media reports said.

In an email notification to some affected users on Saturday, Microsoft said it became aware of an issue involving unauthorised access to some customers' web-based email accounts by cyber criminals.

"We have identified that a Microsoft support agent's credentials were compromised, enabling individuals outside Microsoft to access information within your Microsoft email account" between January 1 and March 28," Xinhua quoted Microsoft as saying in the email.

The unauthorised access could have allowed unauthorised parties to view or access information of Microsoft email user accounts, such as email address, folder names, and the subject lines of emails, it said.

 

However, the software giant said the content of attached documents to emails would not be read or viewed, and it did not specify how many users of its Outlook.com mail service were affected. "Microsoft regrets any inconvenience caused by this issue," said the company, recommending that affected users reset their login passwords.

The company assured its users that it has immediately disabled the compromised credentials to prevent their use for any further unauthorised access.

Microsoft has offered contact information for its data protection officer to help possible hacking victims to better protect their email accounts.

 

 

Source