The worry was that even limited information like email subject lines could enable malicious parties to concoct a more convincing phishing scam to aim at the user whose email they have (and they could also employ extra details like the names of friends, gleaned from the email addresses the user has contacted).
Microsoft first confirmed to TechCrunch that its email service had been compromised for months, with hackers able to access subject lines of emails and names of people within conversations in select Outlook.com accounts. The company noted that the contents of emails or attachments were not accessed.
But according to the cited source, hackers were able to gain "full access to email content", as the compromised account had high privileges. With these credentials the hackers could use Microsoft's internal customer support portal, which offers support agents some level of access to Outlook.com accounts.
"We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators' access".
Microsoft's message to users of its managed email services confirms earlier reports that its servers had been breached by unknown attackers, though the mechanism at least is clear: the capture of login credentials belonging to an unnamed support agent at the company, which apparently gave those who obtained them extensive access for a period of three months following the theft of the credentials on January 1st. Enterprise accounts were not affected, per Motherboard's source.
The breach took place between 1 January and 28 March.
Microsoft did not respond to multiple requests for additional comment.
Specifically, Microsoft admitted it had sent notifications of a security breach to some users informing them that their email content had (potentially) been read, but that this applied only to a small number of the affected users, around 6%. Users should change their passwords out of an abundance of caution.