Microsoft reveals some Outlook.com user accounts were hacked for months
Microsoft said that apart from the content of the emails including attachments, the hackers could have possibly viewed account email addresses, folder names and subject lines of the mails sent and received.
Coming to terms with a hacking and data breach case, Microsoft is reaching out to some users informing them of an Outlook.com hack which exposed data sent over emails to hackers who kept accessing their accounts between January 1 to March 28.
Founded in 1996, Outlook.com is a web-based suite of webmail, contacts, tasks, and calendaring services developed and offered by Microsoft.
In an email being sent to affected users, Microsoft claims that apart from the content of the emails including attachments, the hackers could have possibly viewed account email addresses, folder names and subject lines of the mails sent and received, The Verge reported.
"Our data indicates that account-related information (but not the content of any e-mails) could have been viewed, but Microsoft has no indication why that information was viewed or how it may have been used," the report quoted the company as saying in its email.
The case came into notice when the software giant discovered that credentials of a support agent were compromised for its web mail service which led to unauthorised access into some accounts.
"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access," the report quoted a Microsoft spokesperson as saying.
Even though the software giant ensures that no login details or other personal information were stolen by the hackers, the company is recommending that affected users reset their passwords.
"Please be assured that Microsoft takes data protection very seriously and has engaged its internal security and privacy teams in the investigation and resolution of the issue, as well as additional hardening of systems and processes to prevent such recurrence," the email adds.
As of now, it remains undisclosed exactly how many users were affected by the breach.
This security incident comes weeks after a former security researcher pled guilty to hacking into Microsoft and Nintendo servers for a number of weeks in January 2017, allowing European hackers to access pre-release versions of Windows.