Microsoft has notified its users of a data breach affecting the users of their @msn and @hotmail email services.
Late last week, according to media reports, a “limited” number of people have had their accounts compromised. We don’t know how many, or where they were located.
“We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access,” said a Microsoft spokesperson in an email.
Microsoft had notified the affected users of the breach, ironically, via email. In the message, the company had told its users that hackers may have gained access to their email addresses, folder names, email subject lines, as well as other email addresses the victims communicated with.
No content of these emails, attachments or login credential were taken, the company said.
The data breach happened in the first quarter of the year, Microsoft said, adding that users should still change their passwords, just to be on the safe side.
So how did all of this happen, in the first place? Apparently, it seems that a customer support agent was compromised and his/hers credentials stolen. That was the hackers’ entry point, which had allowed them access to everything that was listed earlier in the article.
The credentials were disabled in the meantime. “You should be careful when receiving any e-mails from any misleading domain name, any e-mail that requests personal information or payment, or any unsolicited request from an untrusted source,” the company warned.
Image source: Shutterstock/Ai825