Microsoft has admitted that its Outlook.com platform was hacked. Users of its email system are affected. That includes Outlook.com, MSN and Hotmail email accounts.
A support agent had their credentials compromised by hackers. The hackers had full access to Outlook.com which also hosts the msn and Hotmail email accounts. Microsoft will not admit to how many users are affected but say that they have contacted affected users and also as a precaution made them all change their passwords although they say that there are no user credentials that have been compromised.
Claims that it has been going on for longer
Microsoft dismissed claims that the breach had been going on for around 6 months and stated that it had only been between January 1st and March 28th 2019.They also claim that only around 6% of the total affected users had been fully breached. Certainly the hackers had full access to email and attachments of those affected.
The Managing Director and a Security Expert at CritchCorp Computers Ltd stated:
It seems unlikely that they had different levels of access to users email accounts and more likely that they had full access to all the accounts. However as Microsoft will not elaborate on breach it is difficult to say.
Screen shots of the breach have been provided to Microsoft, which prompted them to admit that the hack had happened and further screen shots to admit to the extent of the hack.
What they may have done
You may well have noticed more phishing emails during this time and indeed in the future. These emails may come from someone you know and use your name in them. They may well urge you to click a link which will inevitably ask you for money in some way, or infect you with a virus that will steal credentials to banking sites or other high value websites.
You should always be vigilant when receiving email and even more so when it comes from a free email account such as Hotmail or Outlook.com but now you will need to extra vigilant.
There is also a suggestion that they may have used the breach to reset stolen iPhones. Apple has started to tie iPhones to the email address. Therefore only the email address holder can reset the phone to factory default.
What to do if you use Outlook.com
If you know of any Outlook.com users then you should urge them to immediately check their email for a message from Microsoft. In any case perhaps change their password and/or email service provider. We recommend SecuredMail.App, BasicMail or our Cloud Mail accounts as an alternative to any free or paid for email service. All are available from our store and can replace Outlook.com, Gmail, yahoo mail and iCloud mail.
CritchCorp Computers Ltd