Microsoft confirmed to TechCrunch over the April 13th weekend, that a “limited” number of people who use Microsoft’s email platforms — including Outlook, MSN, and Hotmail — had their accounts compromised.
Microsoft sent an email to the affected users alerting them that hackers may have been able to access a information, including the subject lines of their emails and the names of the people they’ve emailed, “but not the content of any e-mails or attachments.”
Another source said that Microsoft down-played the significance of the hack and then said that “a large number of Outlook, MSN, and Hotmail email accounts.” including content of certain emails.
According to Motherboard, Microsoft sent a separate email alert to about 6% of the affected users, informing them that their email content had been compromised.
Here is Microsoft’s most recent comment,
Microsoft recently became aware of an issue involving unauthorized access to some customers’ web-based email accounts by cybercriminals. We addressed this scheme by disabling the compromised credentials to the limited set of targeted accounts, while also blocking the perpetrators’ access. A limited number of consumer accounts were impacted, and we have notified all impacted customers. Out of an abundance of caution, we also increased detection and monitoring to further protect affected accounts.
The unauthorized access to some accounts between January 1st and March 28th, 2019.
The hackers weren’t able to steal login details, or other personal information, but out of caution Microsoft is recommending that affected users reset their passwords.