If you or someone you contact via e-mail uses Microsoft’s webmail services, such as Outlook.com, then it is possible that you have been involved in a data breach.
Microsoft confirmed to TechCrunch this week that the firm’s webmail services have been a victim of a data breach. Data on customers was left exposed through a support agent’s credentials which were compromised, which cybercriminals used to access the data.
Of the data affected, Microsoft noted that the following information was left exposed:
- Email addresses
- Subject lines of emails
- Names of people within conversations
- Custom folder names
Microsoft noted that it doesn’t know which data has been viewed, or the reasons why, but that users may experience increasing phishing or spam emails as a result of the breach, therefore, it advises users to be more vigilant when checking their emails.
The breach took place over a long period of time, from 1st January 2019 to 28th March 2019. It isn’t clear how many people have been affected, but it says it was a “limited” number of people. The company did confirm that enterprise users have not been affected.
Microsoft has disabled the compromised account of the support agent to prevent more data being accessed.