Microsoft’s Outlook.com webmail service had been compromised since January 1.
The security breach went undiscovered until March 28. Microsoft revealed this breach to its users on April 12, in the form of a notification being sent out. The notification informed the affected subset of users that the hackers could only see the account email addresses, folder names, and subject lines of emails.
Microsoft later revealed to The Verge that the breach was worse, for some, than they previously admitted. While it was true that the hackers were only able to view subject lines, folder names and email addresses of a subset of webmail service users. 6 percent of this subset, received a different notification, which stated that the hackers were also able to view the contents of their emails. Microsoft was not revealing the actual number of affected users.
Vice’s Motherboard falsely claimed in an article that the breach had happened almost 6 months ago and also that the hackers were able to use the stolen information to access users’ iCloud accounts and deactivate security locks on iPhones. This false claim was debunked by the Microsoft spokesperson, in a statement to The Verge. The spokesperson clarified that “the claim of 6 months is inaccurate,” and reiterated that the security breach lasted from January 1 until March 28.
Microsoft clarified that the hackers were only able to view email addresses, subject lines and folder names of the vast majority of affected accounts. “A small group (~6 percent of the original, already limited subset of consumers) was notified that the bad actors could have had unauthorized access to the content of their email accounts, and was provided with additional guidance and support.” The spokesperson further clarified to The Verge.
Microsoft revealed how the hackers were able to breach the security protocols. Microsoft collaborates with support agents for their webmail service. Upon investigation, Microsoft discovered that the security credentials of one of its support agents were compromised. This security lapse allowed hackers a backdoor into the webmail service’s security protocols.
Due to the fact that the breach went unnoticed for months, the webmail service’s users are in a state of alarm. Most large businesses rely on email security for their business. More businesses are shifting internal communications to applications like Teamviewer, which allow for more secure internal communications.
No harm in being extra cautious!
more recommended stories
- What is conflict-free jewelry and why does it matter?
As humans, we often try to.
- New driver? Here’s how to prevent road accidents
Driving can feel intimidating activity for.
- The significance of Instagram and email marketing for retail businesses
One of the biggest assets you.
- Four awesome things you can do with a Macbook
If you’re lucky enough to own.