Microsoft e-mail accounts suffered from six-months breach

Posted on Tuesday, Apr 16 2019 @ 11:25 CEST by Thomas De Maesschalck
MSFT logo
Microsoft confirmed hackers managed to access some of the contents of Microsoft-hosted e-mail accounts for a period of time. The hackers got into Microsoft's system via an unidentified customer support agent, who had high-level access to Microsoft's web-based e-mail system.

ARS Technica writes it's unclear how long the hack lasted. Microsoft claims the breach occurred between January 1 and March 28 of this year, while the hackers claim they had access for at least six months:
The hackers, however, dispute this characterization. They told Motherboard that they can indeed access email contents and have shown that publication screenshots to prove their point. They also claim that the hack lasted at least six months, doubling the period of vulnerability that Microsoft has claimed. After this pushback, Microsoft responded that around 6 percent of customers affected by the hack had suffered unauthorized access to their emails and that these customers received different breach notifications to make this clear. However, the company is still sticking to its claim that the hack only lasted three months.
Microsoft said it disabled the hacked customer support agent credentials.

Enterprise customers were not affected.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments