CYBERSECURITY: Microsoft’s Web-Based Email Services Breached.
Some users of Microsoft’s web-based email services including @msn.com, @hotmail.com, and @outlook.com have had their accounts breached, with the accounts remaining in a compromised state for more than two months.
As TechCrunch and Motherboard report, an email sent out by Microsoft late last week explains that access to its system was gained through compromised Microsoft support agent credentials. Email accounts were then accessed and information including each account’s email address, folder names, subject lines, and the other email addresses communicated with could be viewed.
That was the extent of the breach for most compromised accounts, but around six percent of affected users didn’t get so lucky. The information accessed in their accounts extended to the body of emails, their date of birth, calendar activity, admin center, and their logon history.
What a mess.