Allegedly, hackers managed to compromise an account belonging to a Microsoft support agent. On Friday, the company sent out an email to everyone they believe was affected by this.
Microsoft reports the cybersecurity breach took place between the 1st of January 2019 and the 29th of March 2019. At this point, it’s unknown whether it was a hacker or a group of hackers who compromised the support agent’s account, a person responsible for taking care of the company’s technical complaints.
Upon learning of the incident, Microsoft immediately went ahead and disabled the support agent’s account. However, whether the user of that account viewed some other Outlook accounts before the breach was discovered, is still a mystery at this point.
In an email to their customers, Microsoft warned that the users’ email subject lines, folder names, and contacts might have been compromised. On a positive note, the same does not hold true for the content of these emails or their corresponding attachments.
Putting it another way, Microsoft support agents don’t have the necessary privileges to view a user’s email content.
If you were contacted by Microsoft regarding the incident, the company advises you to change your login credentials as an additional precaution. According to Microsoft, the hackers did not manage to get a hold of the passwords, but you’re still advised to change it just in case.
Finally, it’s worth noting that only a small percentage of Outlook accounts were affected by this. Moreover, Microsoft claims to have put increased monitoring in place for these accounts to prevent any unauthorized activity.