Microsoft has admitted that during the first three months of 2019, hackers had access to some details of certain Outlook.com email accounts. The company hasn’t offered up details of how many users were affected.
A number of Outlook.com email accounts were accessible to hackers from January 1 to March 28, 2019. The access was accomplished via a support agent’s login credentials which were compromised.
The Redmond-based firm assures users that no message data was revealed. Data exposed includes the account holder’s email address, the subject headings of any messages, “and the names of other email addresses you communicate with,” says Microsoft.
“This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account,” said Microsoft in an email sent to users,” but not the content of any emails or attachments.”
The company hasn’t offered details as to how the breach was discovered, only that once discovered it was stopped quickly. “Microsoft immediately disabled the compromised credentials, prohibiting their use for any further unauthorized access,” it says. “Our data indicates that account-related information (but not the content of any emails) could have been viewed, but Microsoft has no indication of why that information was viewed or how it may have been used.”
Microsoft says a possible side-effect of the breach could be an increase in phishing emails or an increase in the amount of spam emails customers will receive.
The company says that while user email login credentials were not directly impacted in the breach, out of caution users should reset their account passwords.