Hackers compromised Microsoft support to access email accounts
Hackers used a Microsoft support agent's credentials to gain access to email account data for months.
Over the weekend, Microsoft confirmed that its email services suffered a breach, allowing hackers to view data associated with MSN, Hotmail, and Outlook email accounts.
In a statement to TechCrunch, Microsoft said that the hackers had used a customer support agent's compromised credentials to view users' email addresses, folder names, subject lines, and lists of email addresses that affected users had corresponded with.
"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access," a Microsoft spokesperson told TechCrunch in a statement.
In its initial statement, Microsoft said that the contents of emails weren't visible to the hackers. However, Motherboard later confirmed with Microsoft that email contents for "around six percent" of customers affected by the breach were impacted.
Microsoft has sent out email notifications to those who were affected by the breach, and it recommends that users change their passwords as a precautionary measure. The company says that hackers had access to the information between January 1 and March 28, but an anonymous source speaking with Motherboard offered a conflicting timeframe, saying that "hackers had access for at least six months."
According to Microsoft, corporate-level accounts were not affected by the breach.
Windows Central Newsletter
Get the best of Windows Central in your inbox, every day!
Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl.