Outlook and Hotmail users left exposed in Microsoft email breach

Ruben Fields
April 15, 2019

Microsoft's Outlook.com service has been the subject of a pretty serious hack in recent weeks.

But according to the cited source, hackers were able to gain "full access to email content", as the compromised account had high privileges.

"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access", the report quoted a Microsoft spokesperson as saying.

"Upon awareness of this issue, Microsoft immediately disabled the compromised credentials, prohibiting their use for any further unauthorized access", the company said.

Microsoft has started notifying some Outlook.com users that a hacker has been accessing their accounts for several months.

'This unauthorised access could have allowed unauthorised parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments, between January 1st2019 and March 28th 2019.

Julian Assange hit embassy staff, says president of Ecuador
He told The Guardian: "We can not allow our house, the house that opened its doors, to become a centre for spying". The U.S. charge carries a possible five-year prison sentence. "This activity violates asylum conditions".

We don't know how many accounts that is, because Microsoft didn't provide an estimate of the overall number of users who were hit by this hack. A source described the attack before Microsoft released its statement, and then provided screenshots to prove it. Microsoft then confirmed to Motherboard that some email content had been accessed.

The support account would also have only had access to free Outlook.com/Hotmail/MSN-branded accounts, and not to paid Office 365 email.

Even if only a small number of users had their email contents breached, not being totally honest about the situation won't have done Microsoft any PR favors, and could see customers question any future statements from the company.

Microsoft did not respond to multiple requests for additional comment.

The company added that although password information had not been affected, it encouraged users to change their log-in details "out of caution".

Other reports by

Discuss This Article