14 DAY TRIAL // Hackers who breached Microsoft’s email services last month are now stealing cryptocurrency using the compromised accounts, several users reveal.
Microsoft originally said that hackers used the credential of a support agent to access its email servers, explaining that no actual email content was accessed.
In a follow-up comment, the software giant admitted that certain data might have been exposed, including the subjects of email messages.
And now it turns out that hackers are using the compromised emails to steal Bitcoin from their targets using a very simple approach.
Microsoft user Jevon Ritmeester says a malicious actor managed to steal over 1 Bitcoin from his Kraken account after resetting his password. Ritmeester says he wasn’t using two-factor authentication on Kraken and explains that hackers used his compromised Outlook account to reset the password.
As per Motherboard, several other users complain that hackers emptied their crypto wallets using a similar technique, with one Microsoft user claiming they lost “25,000 in crypto.”
Users recommended to get in touch with Microsoft
Microsoft says customers should contact the company should they discover any malicious activity following the Outlook breach last month.
“Customers who believe they have been impacted beyond what was outlined in the company’s notification should contact the Microsoft support team for assistance,” the company told the cited source.
In the meantime, however, some users believe Microsoft “is not taking this seriously.” Ritmeester says he’s currently considering filing a police report and going after the software giant for not protecting its data.
“I think Microsoft talks about this way to lightly [sic] about this leak and I think there are a lot of users who have suffered damage in one way or another as there is a lot of sensitive information in an inbox. I am planning to at least file a police report and thinking about holding Microsoft liable for the financial damage and the fact that a lot of my personal information may get leaked in the near future,” he said.
Microsoft hasn’t offered any other comments on this beside the statement posted above.