Microsoft this week admitted that “cybercriminals” have compromised a small number of Outlook.com accounts. But the firm says it has no idea how the accounts were compromised.
“Microsoft recently became aware of an issue involving unauthorized access to some customers’ web-based email accounts by cybercriminals,” a Microsoft statement provided to Techcrunch reads. ”We addressed this scheme by disabling the compromised credentials to the limited set of targeted accounts, while also blocking the perpetrators’ access. A limited number of consumer accounts were impacted, and we have notified all impacted customers. Out of an abundance of caution, we also increased detection and monitoring to further protect affected accounts.”
Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!
"*" indicates required fields
Here’s what we do know.
The accounts were compromised during January, February, and March 2019.
To access the customer accounts, the cybercriminals first compromised Microsoft support representative accounts. Microsoft doesn’t know how this happened, but it has since disabled those accounts.
“You should be careful when receiving any e-mails from any misleading domain name, any e-mail that requests personal information or payment, or any unsolicited request from an untrusted source,” a Microsoft email to the compromised customers reads. The problem being, of course, that Microsoft support representatives should generally be trusted.
The compromises only include consumer Outlook.com accounts, not commercial (business) accounts of any kind.
Though email login credentials were not directly impacted by this incident, Microsoft is recommending that all impacted customers reset their email passwords as a precaution.
dontbe evil
<p>gladly many people use google … oh wait…</p>
dontbe evil
<blockquote><em><a href="#420466">In reply to Winner:</a></em></blockquote><p>search for google data breach, enjoy</p>
Bats
<p>Wait a second…..didn't Saint Satya say this a few years ago (lol), "Security Is The 'Most Pressing Issue Of Our Time'"</p><p><br></p><p><span style="color: rgb(51, 51, 51);">To execute on this, Nadella said, Microsoft will be building out a comprehensive platform that will extend from protection to detection to response, tying in threat intelligence to allow for a more proactive approach, and forming partnerships with other vendors in the IT industry.</span></p><p><br></p><p>That was about 4 years ago!</p><p><br></p><p>I swear…Microsoft is such a "hot mess" and they are trying to sell their products and services to the public? (LOL)</p><p><br></p><p><br></p>