Microsoft’s outlook was attacked by Cybercriminals recently, and while the company confirmed that it only affected the email subject and addresses, another news confirms that there are more damages
During the last weekend, Outlook was over-ridden by an anonymous hacker(s), and as a result, users email details were exposed and for those who have a series of classified documents, ‘sorry’ is probably your sake, especially when we don’t know if the hackers have in mind specific targets.
While the news was inconclusive during the weekend, another information is reaching us, and in addition to what has been said, a worst case scenario would have been the exposure of email contents to the hackers, and that is exactly what the software giant has just affirmed in its newest announcement.
The company revealed that its Outlook.com security breach was worse than the company initially revealed. The software maker started notifying some Outlook.com users late on Friday night that a hacker was able to access accounts for months earlier this year. Microsoft’s notification revealed that hackers could have viewed account email addresses, folder names, and subject lines of emails, but in a separate notification to other affected users the company also admitted email contents could have been viewed.
The company prefers to send a separate mail to those who their email contents were viewed mostly because they could be a target, and also to keep their heads up should a fraudulent activity is been attempted. Also, one would be wrong to think that the company did that out of concern, rather, they were forced to after it was presented with screenshot evidence that the breach was far worse for those customers. Microsoft discovered that a support agent’s credentials were compromised for its webmail service, allowing unauthorized access to some accounts between January 1st and March 28th, 2019.
While there has been a lot of controversies around the ongoing hack activity, Microsoft came all out to rectify some information like “the event has been going on for about six(6) months”, A Microsoft spokesperson tells The Verge “the claim of 6 months is inaccurate,” and pointed towards the company’s notification that mentioned access between January 1st and March 28th, 2019. Microsoft also clarified that the vast majority of Outlook.com accounts that were affected received the notification over the weekend.
“Our notification to the majority of those impacted noted that bad actors would not have had unauthorized access to the content of e-mails or attachments,” says a Microsoft spokesperson in a statement. “A small group (~6 percent of the original, already limited subset of consumers) was notified that the bad actors could have had unauthorized access to the content of their email accounts, and was provided with additional guidance and support.”
Anyways, that is all we still have laid hands on so far. The company, however, has refused to reveal the actual number of accounts that were partially, or fully hacked.