Microsoft Says Some Webmail Accounts Were Compromised

A "limited" number of users of Microsoft's webmail services -- which include Hotmail, Outlook.com, and MSN -- "had their accounts compromised, TechCrunch reports. "We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access," said a Microsoft spokesperson in an email. According to an email Microsoft has sent out to affected users, malicious hackers were potentially able to access an affected user's e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses the user communicates with -- "but not the content of any e-mails or attachments," nor -- it seems -- login credentials like passwords. Microsoft is still recommending that affected users change their passwords regardless.

The breach occurred between January 1 and March 28, Microsoft's letter to users said. The hackers got into the system by compromising a customer support agent's credentials, according to the letter. Once identified, those credentials were disabled. Microsoft told users that it didn't know what data was viewed by the hackers or why, but cautioned that users might as a result see more phishing or spam emails as a result.

Based on the phishing emails sent...

[WoodstockJeff]

... there are likely to be thousands of O365 accounts affected. It is rare that I don't see a half-dozen different organizations represented in "please look at this invoice" or "please review your payment" emails sent to our system accounts, each personalized for the company whose O365 accounts have been hijacked.

If one of our corporate clients had not switched over to O365 for their email services last year, I'd block anything coming from an outlook.com server, because it is rare that it is NOT a phishing email.