Tech

Com hack more extensive than Microsoft first claimed, email contents compromised

Com hack more extensive than Microsoft first claimed, email contents compromised

It's not clear how many users have been affected by the breach.

However, Microsoft said the hackers could only see the user's email address, folders, and subject lines of messages (as well as addresses the user has emailed), but that they couldn't actually read the contents of an email, or view attachments (or indeed gain access to the login credentials of the account).

Microsoft clarified that this "affected a limited subset of consumer accounts" and that the malicious activity began at the start of January 2019 and ran through to nearly the end of March, so essentially lasted three months. "In 2014, Microsoft looked into the email account of a French blogger to identify a Windows 8 leaker", highlighted the Motherboard report.

Microsoft later admitted that this was indeed the case, explaining that the emails of a small number of users might have been exposed, and it notified them accordingly.

Microsoft confirmed to Motherboard that it sent breach notification emails to Outlook.com users who had their emails read by hackers, and the company added that this was just 6% of users affected by the hack.

More news: Khloe Kardashian is anxious for True's birthday

"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access".

The support account would also have only had access to free Outlook.com/Hotmail/MSN-branded accounts, and not to paid Office 365 email.

While the breach is severe, Microsoft claims that the most sensitive of personal data - passwords and the contents of emails, as well as any files attached to said emails - were not accessible using the stolen credentials.

Microsoft did not respond to multiple requests for additional comment. A source described the attack before Microsoft released its statement, and then provided screenshots to prove it. Microsoft then confirmed to Motherboard that some email content had been accessed. Out of an abundance of caution, we also increased detection and monitoring to further protect affected accounts.