Click here to sign up for our newsletter & receive a £5 voucher![close]
×

Registration

Profile Informations

Login Details

or login

First name is required!
Last name is required!
First name is not valid!
Last name is not valid!
This is not an email address!
Email address is required!
This email is already registered!
Password is required!
Enter a valid password!
Please enter 6 or more characters!
Please enter 16 or less characters!
Passwords are not same!
Terms and Conditions are required!
Email or Password is wrong!

Microsoft Support Breach Gets Ugly, Hackers Could Read Outlook, MSN, Hotmail Emails

Outlook
It turns out that a security breach affecting some users of Microsoft's Outlook.com, Hotmail.com, and MSN.com webmail services is worse than originally thought. In an email that was previously sent to users, Microsoft said a hacker managed to swipe a support agent's login credentials, potentially exposing email addresses, subject lines, and other information, but not the actual contents of any emails. As Maury Povich would say, 'That was a lie'.

More accurately, that is not the full story. As far as we know, Microsoft did not actually lie to the users who received that specific email, in which the company admitted that email addresses, folder names, subject lines, and email recipient addresses could have all been exposed. But for a smaller subset of customers, the breach is even worse. That information was not included in that specific email.

The folks at Motherboard received a tip from someone who saw the attack in action and provided the site with a screenshot showing that actual email contents were exposed as well. That tip came in before Microsoft issued its initial statement. When shown the screenshot, Microsoft apparently confirmed that hackers did in fact gain access to the actual contents of emails, though not everyone's.

According to Microsoft, out of the small number of users who are affected by this, around 6 percent could have had their email contents exposed as well. Those users received a different email that outlined the expanded scope of the breach.

"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access," Microsoft said in a statement.

Microsoft further stated that the limited subset of affected accounts only included consumer accounts, and not paid ones for enterprise customers. If true, businesses need not worry about sensitive information being leaked, though it comes as little consolation to non-paid users who trusted Microsoft not to bungle their email.

The breach itself is concerning, but what is also worrying is that Microsoft did not fess up to the full extent of the breach in one of the emails. Sure, it is an embarrassing situation for Microsoft, but this is not the way to handle such things.

Go to Source