[BreachExchange] Microsoft discloses security breach that impacted some Outlook accounts

Mon Apr 15 08:47:23 EDT 2019

https://www.zdnet.com/article/microsoft-discloses-security-breach-impacting-some-outlook-accounts/

On Friday, Microsoft sent out notification emails to some users
informing Outlook account owners of a breach the company suffered and
which might have also impacted Outlook users directly.

According to Microsoft, between January 1, 2019, and March 29, 2019, a
hacker, or group of hackers, compromised the account of a Microsoft
support agent, one of the company's customer support representatives
that handles technical complaints.

The OS maker said it disabled the compromised support agent's
credentials once it learned of the unauthorized intrusion; however,
the company said there might be a possibility that the hacker accessed
and viewed the content of some Outlook users' accounts.

"This unauthorized access could have allowed unauthorized parties to
access and/or view information related to your email account (such as
your e-mail address, folder names, the subject lines of e-mails, and
the names of other e-mail addresses you communicate with), but not the
content of any e-mails or attachments," Microsoft said in the email
sent to customers.

However, former Microsoft engineers have contested this claim --that
support agents can't view user's email content.

"They can see how many emails you have, where the database lies, email
content, last person you emailed," one former engineer told ZDNet via
encrypted chat.

Contacted by ZDNet, Microsoft confirmed that hackers did access the
content of some user accounts. The company put the number at around
six percent of the people who received an email notification.

Those users received "additional guidance and support," Microsoft said.

In the meantime, the company is recommending that users who received
the email about this recent breach change their Outlook.com
credentials, "out of caution," even if hackers did not access Outlook
users' passwords.

ZDNet understands that the incident only affected a small number of
Microsoft Outlook users and that Microsoft has also increased
detection and monitoring for the affected accounts, just to be sure
there's no unauthorized access for those accounts.

TechCrunch first reported and confirmed the hack earlier today.