Hackers compromised some Outlook email accounts to the extent that they were even able to read user emails.
The number of accounts is described as ‘limited’ but while the situation over the weekend – first reported by TechCrunch – appeared to be limited to information related to customer accounts, Motherboard then reported that a witness told them the information actually involved the full content of emails.
It appears that, again, this was only the case for a small portion of the overall number of compromised accounts. However, they were definitely able to see the subject lines of emails and contact information that affected users had communicated with.
It’s possible that they could have accessed other information related to user accounts, such as calendar information, but this is unconfirmed.
It seems that a support employee had their login compromised, which meant the hackers were easily able to gain access to the account information. Microsoft emailed users affected last week. The email said: “we have identified that a Microsoft support agent’s credentials were compromised, enabling individuals outside Microsoft to access information within your Microsoft email account”.
Microsoft said in a statement: “We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access.”