Geek Dashboard Home
HomeNews

Few Outlook Accounts Were Accessed by Attackers for Several Months, Says Microsoft

3 min read 2 Comments

If you are using a Microsoft Outlook account then your account might have received an email from the company. This email is to inform you that there is a possibility of your account being accessed by attackers. Yes, the company has revealed that there was a breach on Outlook.com due to which an attacker could have seen your emails.

However, the company says that the information available to attackers was limited. Microsoft says that the attackers were able to see only the subject line of emails but not the content. Also, some account-related information was also visible to the attacker though.

Also Read: How to Send and Receive Encrypted Emails 

Microsoft says some Outlook.com accounts were compromised

Revealing more about the breach, Microsoft informed that the said access was possible between January 1st to March 28, 2019. Therefore, it is most likely that the attackers were able to see your account information for the past three months. The company also explains how this breach took place and how they knew about it. Well, it must be noted that there was no bug or exploit found on Outlook.com.

Microsoft letter to Outlook.com users on breach
Here is the letter Microsoft sent to Outlook users earlier this week

Rather, this was just a case of stolen account credentials of one of Outlook’s support agent. You would know that a support agent has access to most of the accounts on that platform. Therefore, the attacker was able to get information about Outlook accounts from that support agent’s credentials.

However, it is surprising that Microsoft was not able to know about this much earlier.

In a letter to Outlook.com users, Microsoft says that

Our data indicates that account-related information (but not the content of any e-mails) could have been viewed, but Microsoft has no indication why that information was viewed or how it may have been used.

The account-related information, according to Microsoft, includes email addresses, folder names and subject lines of emails. But it is not possible that the attacker would have gained access to or opened the emails, claims Microsoft.

Also, the company reassures that the attacker has not stolen any login details or personal information from the compromised accounts. Though, the company recommends its users to change their credentials at the earliest just to be safe.

Microsoft claims that breached account’s credentials were blocked so that access to the account was no longer possible. Microsoft has not revealed exactly how many accounts might have been possibly accessed without permission.

Be the Change!

Spread the word and help us create better tech content

Facebook Twitter Reddit WhatsApp Pinterest
Avatar for Abhishek Jariwala

Abhishek Jariwala

Facebook

Abhishek has a deep love for gadgets and follows each and every new smartphone launch that takes place in the market. He can also be found reading books and watching Cricket or Formula 1 in his free time.

Read all 176 articles from Abhishek

Comments

  2. Avatar for Vinay NagarajuVinay Nagaraju says

    Wow! That took some time for them to discover. I wonder how it ranked against the GDPR requirement of having to report it on time

    Reply

Leave a Reply

The comments section is to assist our readers with any inquiries. Each comment undergoes rigorous moderation before it can be approved for publication.Your name and comment will be publicly visible. Your email address will not be published.Required fields are marked