According to Microsoft report, between January 1, 2019 till March 28, 2019, third parties had access to data, connected with foreign email-accounts.
Company explains that unknown intruders compromised account details of unnamed technical service employee and got access to folders, email themes, email-accounts and other correspondence details.Although initially Microsoft denied that hackers had access to letters and attachments, soon the truth opened. Vice Motherboard journalists, referencing their own anonymous source, argue that intruders had full access to Outlook, MSN and Hotmail.
Allegedly, hackers compromised one of the top-managers with high privileges as cybercriminals could see content of users’ letters and attachments (in other words, to read users’ correspondence) while average employees do not have this option. Confirming this claim, anonymous source presents screenshots with perfectly visible with email body panel and body of letter itself.
ZDNet also insists that letters were available to cybercriminals, referencing former Microsoft engineer that decided to stay undisclosed.
After media turned to Microsoft for explanations, company confirmed that is some cases hackers could really read users’ mails. However, Microsoft representatives insist that this problem could touch less than 6% of all users, and all victims were informed about an incident. Company refused to provide more details of this case.
Reportedly, company recalled compromised employee’s data immediately after Microsoft was informed about hacking. Vice Motherboard informs that attack was noticed at the end of March 2019, so the gap was opened for more than half a year.
Source: motherboard.vice.com