Microsoft confirmed that email services Outlook.com, Hotmail and MSN have been compromised between January 1, 2019 and March 28, 2019. Hackers used stolen credentials for a customer support platform to access email accounts.
Microsoft sent an email to affected users stating that hackers were potentially able to access users email addresses, folder names, email subject lines and names of who emails were sent to and received from. In some cases, hackers were even able to access the actual emails as well. Although login credentials were not stolen, Microsoft has recommended that users change their password.
Microsoft has not explained exactly how the breach occurred or released the number of accounts that were impacted by the breach.