Hackers reportedly abused Microsoft's customer support to read Hotmail, Outlook.com email

It's not a bad idea to change your email password anyway.

Hackers reportedly compromised a Microsoft customer support account, exposing its credentials, and by extension customer email on Microsoft web-based email services like Hotmail, Outlook.com, and MSN.

TechCrunch reported over the weekend that Microsoft is sending emails to affected users, warning them of the issue. Presumably, those users who have not been contacted are unaffected.  (Microsoft hasn't said how many accounts were affected, nor did the company identify the specific services affected.)

At the time, Microsoft believed the attackers would only be able to read header information, such as the subject line or the address from which the email was sent. On Monday, however, Motherboard reported that email content was accessible as well. Microsoft then confirmed to Motherboard that a small number of users—six percent, according to Motherboard—had received email notifications stating that their email content had been impacted.

Microsoft representatives hadn’t responded to a request for comment by press time.

According to the original email sent to users, Microsoft said that the login information of individual users was not at risk; however, the company warned that attackers could send phishing emails or other attempts to either trick or pry personal information away from users. Microsoft recommended that users change their passwords as a precaution.

Unfortunately, if a user was one of the small number of users whose emails were directly accessed, that means that any personal information communicated during the January 1 - March 28 timeframe is potentially compromised.

“Please be assured that Microsoft takes data protection very seriously and has engaged its internal security and privacy teams in the investigation and resolution of this issue, as well as additional hardening of systems and processes to prevent such recurrence,” Microsoft’s original email stated, as reported by a user on Reddit

What this means to you: If you use one of Microsoft’s affected services, consider changing your password anyway—the scope of the breach may widen. Also, dig down into your spam folder. While it’s unlikely that an email of this importance was buried, it’s possible, and you’ll want to know about it. 

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags microsoft outlook

More about HotmailMicrosoftMSN

Show Comments
[]