More details emerge about the recent Microsoft hack

Apr 15, 2019 07:25 GMT  ·  By

Microsoft confirmed during the weekend that cybercriminals managed to compromise the account of a support agent and then access users’ email accounts.

More details, however, are now making the rounds to indicate that the incident was actually worse than explained in the software giant’s announcement, as the hackers were even able to read users’ emails.

A report from Motherboard and citing an unnamed source with knowledge of the hack reveals that the attackers could “gain access to any email account as long as it wasn’t a corporate level account.”

Microsoft explains in the notification that it sent to users that hackers were able to access some information, like email folder names and subject lines of emails, but no actual content of the email.

“This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments,” Microsoft said (emphasis is ours).

“Our data indicates that account-related information (but not the content of any e-mails) could have been viewed,” it also said (again with our emphasis).

Some user emails also exposed

But according to the cited source, hackers were able to gain “full access to email content,” as the compromised account had high privileges.

Microsoft later admitted that this was indeed the case, explaining that the emails of a small number of users might have been exposed, and it notified them accordingly.

“We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access,” the company was quoted as saying.

Furthermore, while Microsoft says the breach only occurred between January and March, the report indicates hackers had access to email accounts for about six months. Microsoft, however, denied this information.

By the looks of things, the breach occurred as part of a broader attack for iCloud unlocks, as hackers attempt to gain control of email accounts in order to bypass iPhone activation locks.