Popular e-mail application, Microsoft Outlook recently fell prey to hackers who breached into one of its customer care staff’s accounts and stole the personal credentials of non-corporate users registered on Hotmail and MSN, as reported by Motherboard. The hackers then used the info to commit cryptocurrency-related theft from 1 January to 28 March.
Confirming the cyber-attack to Tech Crunch, Microsoft stated that it immediately disabled the infiltrated account and sent out notices to all the affected individuals informing them about their action and warning them against sharing their personal info with unknown people over the mail. Microsoft also revealed that the perpetrators targeted only non-corporate individuals and no institutional users have reported any unusual activities.
Even though the hacker’s window (the staff’s account) to the attack has been closed and Microsoft has increased the security of the affected accounts, the tech giant has still advised its users to change their passwords and settings. The notice sent out by Microsoft leaves a lot of questions unanswered as to how many users were targeted, to which regions they belonged and how the hackers got hold of the staff’s account details.
Meanwhile, many victims have shared their side of the ordeal on various social media platforms. According to one of the accounts, the hackers had broken into the individual’s personal mail and used it to change his Kraken Wallet’s password after which they stole a Bitcoin that at that time amounted to $5,260.
The hackers had also enabled a feature in Outlook that automatically transferred all Kraken related emails to the trash (so that it doesn’t come to the notice of the owner) and forwarded them to another email, which the owner suspected may belong to the attacker. The complainant also noted, however, that he was not using two-factor authentication on his Kraken account, which may have avoided the theft. Other complainants expressed anger against Microsoft for not taking the matter seriously enough and ignoring their emails. If that has been the case, it is unfortunate, to say the least, considering today’s climate which is rife with cybercrimes. In such a scenario, a company like Microsoft has a greater responsibility to safeguard the privacy and security of its Outlook and MSN users.