Microsoft Outlookcom was compromised for almost 3 months giving hackers access to email accounts

Microsoft Outlookcom was compromised for almost 3 months giving hackers access to email accounts

Microsoft has revealed that Outlook.com was compromised for almost 3 months - January 1 to March 28, 2019 - giving hackers unauthorised access to email accounts. The Redmond-based tech giant has revealed that a support agent’s credentials were compromised for its web mail service enabling individuals outside of Microsoft to access email accounts. The company says that hackers could access email addresses, contacts, folder names and subject lines of emails. The contents of emails as well as attachments were not accessible though, the company said in a statement to The Verge.

Microsoft says that it immediately disabled the compromised credentials once it found out about the breach. The company has not revealed details of how many accounts were compromised and how the accessed information was used. The company has warned users saying, “As a result, you may be receiving phishing emails or other spam mail.” Users have been warned not to open emails from any misleading domain names and to keep their financial information safe in case a dubious email asks for it.

The Microsoft statement goes on to say that users current login credentials have not been affected by the breach. However, users are advised to change their passwords to remain out of caution.  The company has also started notifying some users whose email addresses were compromised. “Please be assured that Microsoft takes data protection very seriously and has engaged its internal security and privacy teams in the investigation and resolution of the issue, as well as additional hardening of systems and processes to prevent such recurrence,” said the company.

The latest incident comes close on the heels of a security researcher pleading guilty to hacking into Microsoft and Nintendo. A 24-year old researcher gained access to Microsoft’s servers in 2017 using stolen company credentials. He then remotely accessed Microsoft’s networks for three weeks by uploading a web shell.  



from Latest Technology News

No comments:

Post a Comment