According to a report by Digital Trends, Microsoft webmail services
In an email sent to affected users, Microsoft said that the hackers were possibly able to access email addresses, subject lines of emails, folder labels, and the names of other email addresses that the user contacted.
Fortunately, the content of emails, including attachments, were not compromised, nor were login credentials such as passwords.
The hackers were able to carry out the security breach, which happened from January 1 to March 28, by compromising the credentials of a customer support agent. Microsoft has identified the credentials that the hackers used and disabled them.
Microsoft warned that affected users may receive more spam emails, and may be on the receiving end of phishing attempts.
Affected users of Microsoft webmail services are also advised to stay vigilant against such attacks. Users are still advised to change their passwords even if the contents of their emails were not compromised. This is because hackers may be able to use the addresses for identity theft purposes.
In the same letter, Microsoft also said:
“Please be assured that Microsoft takes data protection very seriously and has engaged
its internal security and privacy teams in the investigation and resolution of the issue, as well as additional hardening of systems and processes to prevent such recurrence…”.
It is unclear how many users were hit by the data breach, and who the hackers behind the attack are. Ensure that you take all necessary measures to protect your account if you are affected by this breach.
Read “How To Stay Safe in an Interconnected World” part 1 and part 2 to learn how to protect yourself online.
News source: digitaltrends.com