Microsoft revealed last week that an Outlook.com support agent’s credentials were compromised by hackers and they were thus able to access folder names, email addresses, and subject lines of emails from January till March this year. It stated that they couldn’t see the email content but that doesn’t appear to be the case now.
Microsoft hasn’t confirmed so far just how many accounts have been affected by this breach. Motherboard reports that Microsoft has now been sending a different notification message to around six percent of the users that are affected by this breach. It reportedly sent out this notification only when it was presented with screenshot evidence that the breach was worse than initially revealed.
According to the report, hackers were able to access the accounts for up to six months and that used those credentials to reset iCloud accounts linked to stolen iPhones. The Verge received word from a Microsoft spokesperson who said that “the claim of 6 months is inaccurate.”
The “A small group (~6 percent of the original, already limited subset of consumers) was notified that the bad actors could have had unauthorized access to the content of their email accounts, and was provided with additional guidance and support.,” the company said. What it hasn’t said so far is just how many people were affected by this breach