Discover how hackers accessed a Microsoft employee’s account, potentially accessing information on Outlook.com customers, and how to protect your business.
How Did the Microsoft Breach Happen?
According to Microsoft, hackers compromised the account of one of the company’s support agents, who assist customers with technically related complaints. The hackers had access to some user accounts between January 1 and March 28.
What Is the Scope of the Microsoft Breach?
The breach potentially affected Outlook users and those with Hotmail or MSN email accounts. Microsoft indicated that it notified all customers potentially affected by the hackers’ activity.
The company noted that the extent of the information that could be accessed was limited. In a message to customers, the company stated, “This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments,”
Was My Data Compromised in the Microsoft Breach?
Microsoft has indicated it had contacted all users affected by the breach, though some worry that not everyone was affected. ZDNet reported that the scope of information accessible could be more than what Microsoft indicated. One company engineer shared with the website that the support agents also have access to more information, including the number of emails a user has, the location of the email database, email content and the last person emailed.
When contacted by ZDNet, Microsoft acknowledged that hackers were able to access content for about 6 percent of the users it contacted. The company said those users received additional support and guidance. It noted that for any affected user, the company was upping the detection and monitoring of their accounts.
The company urged any user who was contacted regarding the breach to reset their Outlook.com credentials, even though passwords were not accessed, as a precautionary measure.
What Can I Do To Protect My Email Systems?
The security incident is just the latest notable cyberattack that has left customers and employees vulnerable. That the employee affected works for one of the world’s leading technology companies reinforces the importance of comprehensive security protection.
Small- and medium-sized companies in Salinas need solutions that include:
- Two-factor authentication for access to systems and applications
- Automated patching and updating of software and hardware to keep users protected from emerging threats
- Data storage and backup systems that keep information safe while in transit or at rest
- Staff training to provide awareness and information to prevent phishing attacks
Alvarez Technology Group helps companies stay protected with security and business continuity solutions, security consulting and managed IT services. Schedule your free, no-obligation consultation to see how Alvarez Technology Group can deliver security services your business needs.
