AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.
Microsoft says that for the first three months of 2019, some details of certain email accounts were accessible to hackers, but has not not revealed how many users were affected.
Microsoft has confirmed that a number of Outlook.com email accounts were accessible by hackers for the three months from January 1 to March 28, 2019. While the company will not reveal how many accounts were hacked this way, it says that the access was done via a support agent's login credentials which were compromised.
Microsoft also says that no message data was read. The details exposed include the account holder's email address, the subject headings of any messages, "and the names of other email addresses you communicate with," continued Microsoft.
"This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account," said Microsoft in an email sent to users," but not the content of any emails or attachments."
The company does not reveal how the breach was detected, but says that it was then stopped quickly. "Microsoft immediately disabled the compromised credentials, prohibiting their use for any further unauthorized access," it says. "Our data indicates that account-related information (but not the content of any emails) could have been viewed, but Microsoft has no indication of why that information was viewed or how it may have been used."
Microsoft suggests that one result could an increase in phishing or other spam emails being sent to you. "It is important to note that your email login credentials were not directly impacted by this incident," continues the company. "However, out of caution, you should reset your password for your account."
Outlook.com is the web version of Microsoft's email service and was previously known as Hotmail. This hack does not appear to have affected any corporate users of Outlook's non-web service.