Microsoft support agent's email hacked, customer emails compromised

Joanna Estrada
April 15, 2019

Details of the security breach were revealed when TechCrunch ran a report claiming that some accounts - and those with Hotmail email addresses (the old name for or users - had been compromised.

Email accounts across Microsoft's Outlook, Hotmail and MSN services were left vulnerable for nearly three months after it emerged that hackers had targeted them.

Microsoft clarified that this "affected a limited subset of consumer accounts" and that the malicious activity began at the start of January 2019 and ran through to nearly the end of March, so essentially lasted three months.

"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access".

Microsoft later admitted that this was indeed the case, explaining that the emails of a small number of users might have been exposed, and it notified them accordingly.

Microsoft said the credentials gave access to the email addresses, subject lines and folder names of a "limited number" of email accounts, but not the actual contents of the email. Enterprise users were unaffected.

"Our data indicates that account-related information (but not the content of any e-mails) could have been viewed, but Microsoft has no indication why that information was viewed or how it may have been used", the report quoted the company as saying in its email.

Microsoft stated that the content of emails and login credentials were not compromised in the data breach, but still recommended that affected users change their passwords.

However, responding to an article in the online Vice website Motherboard, Microsoft confirmed that some users were advised that the content of their emails may have been vulnerable to the hacker. Of course, if you have been affected then you should have had an email informing you of this by now.

Other reports by Click Lancashire

Discuss This Article