If you or someone you contact via e-mail uses Microsoft’s webmail services, such as Outlook.com, then it is possible that you have been involved in a data breach.

Microsoft confirmed to TechCrunch this week that the firm’s webmail services have been a victim of a data breach. Data on customers was left exposed through a support agent’s credentials which were compromised, which cybercriminals used to access the data.

Of the data affected, Microsoft noted that the following information was left exposed:

  • Email addresses
  • Subject lines of emails
  • Names of people within conversations
  • Custom folder names

Microsoft noted that it doesn’t know which data has been viewed, or the reasons why, but that users may experience increasing phishing or spam emails as a result of the breach, therefore, it advises users to be more vigilant when checking their emails.

The breach took place over a long period of time, from 1st January 2019 to 28th March 2019. It isn’t clear how many people have been affected, but it says it was a “limited” number of people. The company did confirm that enterprise users have not been affected.

Microsoft has disabled the compromised account of the support agent to prevent more data being accessed.

Via ONMSFT