Microsoft has revealed and started notifying some Outlook.com users that a hacker was able to access accounts for months earlier this year. Hacker had access to the email addresses, folder names, and subject lines of emails, but not the content of emails or attachments of the Outlook.com users for three months. However, the company isn’t revealing exactly how many accounts were affected.
Microsoft said, “We have identified that a Microsoft support agent’s credentials were compromised. Individuals outside Microsoft had access to information within email account between January 1 and March 28.”
As per the report, the hacker wasn’t able to steal login details or other personal information, but Microsoft is recommending that affected users reset their passwords as a cautionary measure.
“Our data indicates that account-related information (but not the content of any e-mails) could have been viewed, but Microsoft has no indication why that information was viewed or how it may have been used,” says Microsoft in an email to affected users.
The case came into notice when the software giant discovered that credentials of a support agent were compromised for its webmail service which led to unauthorized access into some accounts.
“We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access,” the report quoted a Microsoft spokesperson as saying.
“Microsoft regrets any inconvenience caused by this issue,” said the company, recommending that affected users reset their login passwords.
The company assured its users that it has immediately disabled the compromised credentials to prevent their use for any further unauthorized access.
Microsoft has offered contact information for its data protection officer to help possible hacking victims to better protect their email accounts.