Cybercriminals Compromised Some Outlook Accounts

over the weekend, Microsoft stepped in too, issuing a software update for Windows users that reverses the Intel-created patch.

Microsoft this week admitted that “” have a small number of .com . But the firm says it has no idea how the were compromised.

“Microsoft recently became aware of an issue involving unauthorized access to some customers’ web-based email accounts by cybercriminals,” a Microsoft statement provided to Techcrunch reads. ”We addressed this scheme by disabling the compromised credentials to the limited set of targeted accounts, while also blocking the perpetrators’ access. A limited number of consumer accounts were impacted, and we have notified all impacted customers. Out of an abundance of caution, we also increased detection and monitoring to further affected accounts.”

Here’s what we do know.

The accounts were compromised during January, February, and March 2019.

To access the customer accounts, the cybercriminals first compromised Microsoft support representative accounts. Microsoft doesn’t know how this happened, but it has since disabled those accounts.

“You should be careful when receiving any e-mails from any misleading domain name, any e-mail that requests personal information or payment, or any unsolicited request from an untrusted source,” a Microsoft email to the compromised customers reads. The problem being, of course, that Microsoft support representatives should generally be trusted.

The compromises only include consumer Outlook.com accounts, not commercial (business) accounts of any kind.

Though email login credentials were not directly impacted by this incident, Microsoft is recommending that all impacted customers reset their email passwords as a precaution.

You might also like More from author

Leave A Reply

Your email address will not be published.