Microsoft encounters infiltration into some A/Cs on its Outlook.com

Microsoft is notifying certain account owners of its Outlook.com about one hacking attempt that resulted in the compromise of their accounts over a number of months earlier in 2019. After discovering a compromise of the credentials of one support agent of Microsoft so that the software major's web-mail could be hacked, the company noticed there was illegitimate admission into certain A/Cs during the period 1st January to 28th March, 2019.

Meanwhile, there's little clarity about what number of users are impacted because of the hack, as also of the person's identity responsible for acquiring the access to the e-mail A/Cs on Outlook.com. Microsoft has e-mailed to impacted users stating the company's data shows a possible viewing of account-related details, however, not any e-mail's content, while, Microsoft couldn't determine the reason behind the viewing nor in what way the details might've been utilized.

Microsoft further writes that in addition to the electronic mails' contents, particularly attachments, the hacker probably viewed the A/Cs' e-mail ids, subject lines, and folder names in the messages exchanged. Although the hacker couldn't capture personal information such as login details, still for precaution Microsoft is suggesting impacted users to change their old passphrases. The security note states while Microsoft regretted the situation, it assured consumers it was very serious about data protection as well as had asked its own privacy and security personnel to start an investigation and design a solution to the problem. Microsoft was hardening its processes along with systems still further for stopping such recurrence, the note adds. www.theverge.com posted this, April 13, 2019.

Microsoft in its letter elaborates the hacker was able to infiltrate the system via a compromise of the credentials of certain client-support agent. When found out, experts disabled those credentials. The company cautioned that the data viewing could induce more of spam else phishing e-mails for users.

According to the software giant, it has stopped any further access by the perpetrator via deactivating the credentials he'd utilized originally. Importantly, it is analyzing the matter although there is little to say regarding which person may've executed the assault alternatively what way he may've utilized the A/C-related details.

» SPAMfighter News - 4/19/2019