Com breach allowed hackers to read (some) emails for months

Doris Richards
April 15, 2019

A report from Motherboard and citing an unnamed source with knowledge of the hack reveals that the attackers could "gain access to any email account as long as it wasn't a corporate level account".

Microsoft has started notifying some users that a hacker has been accessing their accounts for several months. A source told Motherboard reporter Joseph Cox outsiders could exploited a customer support portal to infiltrate any normal customer account, reading contents including the body of an email message.

However, responding to an article in the online Vice website Motherboard, Microsoft confirmed that some users were advised that the content of their emails may have been vulnerable to the hacker.

A "limited" number of people had their accounts compromised in a breach that took place between January 1st and March 28th, according to Microsoft.

'This unauthorised access could have allowed unauthorised parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments, between January 1st2019 and March 28th 2019. Enterprise users were unaffected. "We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access", a Microsoft spokesman said of the incident. They also claim that the hack lasted at least six months, doubling the period of vulnerability that Microsoft has claimed.

Even though the software giant ensures that no login details or other personal information were stolen by the hackers, the company is recommending that affected users reset their passwords.

Specifically, Microsoft admitted it had sent notifications of a security breach to some users which informed them that their email content had (potentially) been read, but that this only applied to a small amount of the affected users, around 6%.

Other reports by Iphone Fresh

Discuss This Article