Microsoft reports that hackers have invaded an unknown number of mail accounts in Outlook. The leak was present between 1 January 2019 and 28 March 2019 and has since been closed. Cybercriminals were given access to the webmail account inbox by manipulating the login details of a Microsoft support employee.
Microsoft says in an e-mail to victims that the hackers did not have access to the content of e-mails. However, they were able to see subject lines, contact e-mail addresses and the file names of attachments.
The company advises users to change their passwords and not to respond to emails from unclear senders, because they may contain spam and malicious links. It is not known how many accounts have been hacked.
According to Microsoft, all users whose Outlook account has been hacked have been notified and the vulnerability has been plugged.
How do you stay safe?
- Reset your password: Although Microsoft highlights that email logins were not compromised during the hack, password reset still recommended.
- Look out for phishing e-mails: Be cautious to not click on links or reply to emails that seem suspicious.
- Check the domain names: E-mails like this can have misleading domain names which attempt to sound like an official company but have a few letters changed.
- Also be wary of any e-mail that requests personal information, payment or any other unexpected requests from a random source.