Hackers broke into some Outlook email accounts: Details here
In yet another privacy-related debacle, Microsoft has revealed that its popular webmail service Outlook.com has been compromised. The Redmond giant has revealed that an outsider broke into some user accounts and possibly accessed information from them, The Verge reported. The unauthorized control remained active for months earlier this year but has now been back, Microsoft says. Here are the details.
How hackers got access to accounts
In an email, Microsoft apprised affected individuals about the attack and claimed that issue stemmed from the compromised credentials of one of its support agents. Essentially, with the help of the agent's outlook account, hackers were able to access select user accounts between January 1 and March 28, 2019. However, the company did not provide the exact number of users whose accounts were compromised.
No access to email contents or attachments
Microsoft says its data indicates the unauthorized access may have allowed the attackers to view or steal certain information related to the affected Outlook email accounts. This could have included your email address, your contacts' email addresses, folder names, and subject lines of emails, but no email content or attachments, the company emphasized while apologizing for the error.
Issue fixed, investigation underway
For now, Microsoft says it has blocked the perpetrator's access by disabling the credentials they had used in the first place. The company says login-passwords were not breached but recommended changing passwords for additional line of security. Notably, it's looking into the matter but there's no word on who may have carried out the attack or how they may have used the account-related information.
Here's what Microsoft told affected Outlook users
"Please be assured that Microsoft takes data protection very seriously and has engaged its internal security and privacy teams in the investigation and resolution of the issue, as well as additional hardening of systems and processes to prevent such recurrence," Microsoft said.
Stolen emails could contribute to phishing
As Microsoft tries to contain the fallout of this issue, it's important to note that stolen emails and subjects can be used to carry out sophisticated phishing attacks. The hackers could target you with spoofed emails to gain access to your banking or personal login-passwords. Once such information is accessed, they could carry out financial or identity fraud. So, watch out for fake emails!
