Microsoft has admitted that its Outlook.com platform was hacked. Users of its email system are affected. That includes Outlook.com, MSN and Hotmail email accounts.

A support agent had their credentials compromised by hackers. The hackers had full access to Outlook.com which also hosts the msn and Hotmail email accounts. Microsoft will not admit to how many users are affected but say that they have contacted affected users and also as a precaution made them all change their passwords although they say that there are no user credentials that have been compromised.

[ink-ad-creator ad=”1327″][/ink-ad-creator]

Claims that it has been going on for longer

Microsoft dismissed claims that the breach had been going on for around 6 months and stated that it had only been between January 1st and March 28th 2019.They also claim that only around 6% of the total affected users had been fully breached. Certainly the hackers had full access to email and attachments of those affected.

The Managing Director and a Security Expert at CritchCorp Computers Ltd stated:

It seems unlikely that they had different levels of access to users email accounts and more likely that they had full access to all the accounts. However as Microsoft will not elaborate on breach it is difficult to say.

Screen shots of the breach have been provided to Microsoft, which prompted them to admit that the hack had happened and further screen shots to admit to the extent of the hack.

What they may have done

You may well have noticed more phishing emails during this time and indeed in the future. These emails may come from someone you know and use your name in them. They may well urge you to click a link which will inevitably ask you for money in some way, or infect you with a virus that will steal credentials to banking sites or other high value websites.

You should always be vigilant when receiving email and even more so when it comes from a free email account such as Hotmail or Outlook.com but now you will need to extra vigilant.

There is also a suggestion that they may have used the breach to reset stolen iPhones. Apple has started to tie iPhones to the email address. Therefore only the email address holder can reset the phone to factory default.

What to do if you use Outlook.com

If you know of any Outlook.com users then you should urge them to immediately check their email for a message from Microsoft. In any case perhaps change their password and/or email service provider. We recommend SecuredMail.App, BasicMail or our Cloud Mail accounts as an alternative to any free or paid for email service. All are available from our store and can replace Outlook.com, Gmail, yahoo mail and iCloud mail.

Keep Safe

CritchCorp Computers Ltd

[ink-ad-creator ad=”1746″][/ink-ad-creator]

YahooMail, which has now merged with AOL to form OATH, part of Verizon, can allow others, including and most likely, cyber criminals who are out to hack your digital life, to permanently have your yahoo email address; and there is nothing you can do about it. Except get off their service as quickly as possible or don’t start to use them in the first place

Even though Yahoo has now been merged they have kept the terms and conditions, which some on the internet have called a privacy nightmare, largely the same.

The first part is the same as all other FREE email and social media companies, and that is that everything you put, send or receive belongs to you, BUT, you grant them a sublicense to do with your data whatever they please.

The second part is more worrying and that is the fact that, if, for any reason, your account is terminated; including because you didn’t have enough activity on it for a given length of time, which remains unspecified in the terms and conditions, so as they determine it, then they can and will make your username (email address) available for anyone else to register.

If you don’t have enough activity on your account, like those who just use email occasionally or those who just use it for recovery purposes, e.g., you set it as the backup email account if you can’t get in to your Facebook, Twitter, Amazon account, etc.; then you risk having your account terminated and someone else registering it. A cybercriminal, who is sitting watching you and notices that your account has been terminated, can register that account and then reset all your passwords. Then you will lose access to your Twitter or Facebook account and in some cases your PayPal, Bank or Amazon account where your credit card numbers are stored. Now in some countries you may have some protection if this happens but in many you will not and even if you do they typically take around 3 to 6 months to give you any money back, not to mention the hassle of having to change your bank account and credit cards and re-setup your accounts. Avoid all of this and get yourself a proper email account. If you are paying for your email to a reputable company then there is little chance that they are going to use your information to make money (even free services are not free, you pay one way or another) and they are more likely to want to look after you as a client.

Below is the link to the OATH YahooMail Terms and Conditions in full. It has been said that they are the same ones for all their services, and that may be true, although they state there may be other policies, these are the ones that you agree to when you sign up for YahooMail, which is the subject of this article.

https://policies.oath.com/us/en/oath/terms/otos/index.html

And here are the bits we were talking about above:

Look at section 6b – What you give them:

IP Ownership and License Grant. Except as otherwise provided in the specific Oath product terms or guidelines for a Service, when you upload, share with or submit content to the Services you retain ownership of any intellectual property rights that you hold in that content and you grant Oath a worldwide, royalty-free, non-exclusive, perpetual, irrevocable, transferable, sublicensable license to (a) use, host, store, reproduce, modify, prepare derivative works (such as translations, adaptations, summaries or other changes), communicate, publish, publicly perform, publicly display, and distribute this content in any manner, mode of delivery or media now known or developed in the future; and (b) permit other users to access, reproduce, distribute, publicly display, prepare derivative works of, and publicly perform your content via the Services, as may be permitted by the functionality of those Services (e.g., for users to re-blog, re-post or download your content). In some of the Services, there may be specific terms or settings allowing a different scope of use of the content submitted in those Services. You must have the necessary rights to grant us the license described in this Section 6(b) for any content that you upload, share with or submit to the Services.

And Section 7d – What happens when your account is terminated:

Subject to any statutory rights you might have, if your account is terminated, access to your username, password and all related information, files and content associated with your account may be terminated and your username may be recycled for use by others. If the Service is a paid service, please consult Oath’s payment terms which can be found here.

One last important note; if you are reading this thinking well, luckily I use Gmail or Hotmail (LiveMail) or some other free email provider then remember this. They own the server, they own the domain name, and they can charge whatever they like, which may well be nothing at the moment. ALL of the social media and free email companies that we have looked at have similar terms and conditions as far as you Intellectual Property (IP) goes. They can always add the section that says they can reuse your email address if they choose to. They owe you nothing.

Stay Safe

CritchCorp Computers Ltd

[ink-ad-creator ad=”1327″][/ink-ad-creator]