Tech giant Microsoft has revealed that the hackers behind the recent Outlook.com security breach could have accessed users’ emails.
The Verge reports that Microsoft has admitted that the Outlook.com security breach was more severe than previously reported. Microsoft notified Outlook users on Friday that hackers may have been able to access their accounts for a period of months earlier in 2019. The hackers were reportedly capable of viewing users email addresses, folder names, and email subject lines; but in a separate email, Microsoft stated that hackers could have viewed email contents also.
Six percent of Outlook.com users reportedly received a notification message which admitted this. Microsoft reportedly discovered that a support agent’s credentials were accessed for its webmail service giving unauthorized access to some accounts between January 1 and March 28, 2019. Vice’s Motherboard vertical claimed that some accounts were accessed by hackers for up to six months but Microsoft has disputed this, calling the claim “inaccurate.”
Microsoft also claimed that the vast majority of Outlook.com users would have received a notification published over the weekend which claimed that accounts were accessed between the March and January dates. Micorosft tole The Verge in a statement: “Our notification to the majority of those impacted noted that bad actors would not have had unauthorized access to the content of e-mails or attachments. A small group (~6 percent of the original, already limited subset of consumers) was notified that the bad actors could have had unauthorized access to the content of their email accounts, and was provided with additional guidance and support.”
Microsoft has yet to reveal the official number of accounts affected by the data breach.