Microsoft confirmed to TechCrunch today that some of its webmail users had their email accounts exposed to intruders between January 1 and March 28, after the intruders obtained the credentials of a Microsoft customer support agent.
In follow-up questions with other Microsoft engineers, we were also told that the confusion about what the hacker might have accessed depends on whose account the hacker accessed, as the term "support agent" is used both for tech support staff and for engineers working with Microsoft's enterprise customers. This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments, between January 1, 2019 and March 28, 2019. As part of maintaining this trust and commitment to you, we are informing you of a recent event that affected your Microsoft-managed email account.
The email sent out to users by Microsoft notes email addresses, folder names, subject lines of emails and email recipient addresses may have been exposed, but likely not the content of the emails themselves.
Upon awareness of this issue, Microsoft immediately disabled the compromised credentials, prohibiting their use for any further unauthorized access.
Microsoft has offered contact information for its data protection officer to help possible hacking victims to better protect their email accounts.
"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access," said a Microsoft spokesperson in an email. However, out of caution, you should reset your password for your account.
However, the software giant said the content of documents attached to emails would not be read or viewed, and it did not specify how many users of its Outlook.com mail service were affected.
The company is in the process of sending notifications to those who have been affected by the issue and it recommends users change their account passwords.