Microsoft Disclosed Security Breach From Compromised Support Agent’s Credentials

Microsoft has notified affected Outlook users of a security breach that allowed hackers access to email accounts from January 1 to March 28, 2019. They discovered that the breach was caused by a support agent’s compromised credentials, which has since been disabled to block the hacker’s access.

The credentials allowed hackers to access account email addresses, folder names, and subject lines of the emails. Content and email attachments of these emails, however, remained out of the hackers’ reach. Microsoft further assured users that their login credentials and other personal information were not stolen in the attack. They still strongly advise those who were affected to change their passwords.

Affected users were also warned against possible phishing scams and emails that request personal information or payments. These types of threats usually follow such a security breach.

Relevance to future security

Microsoft has not revealed the actual number of affected accounts nor the region where these accounts came from. It is also unclear how the support agent’s credentials had been compromised.

Threat actors are known for using several methods to get the credentials of key people or employees within an organization. This could include extensive research to pinpoint which users to target. They can then employ different social engineering techniques to trick users into sharing crucial information, which could lead to further attacks.

[Read: National Cyber Security Awareness Month: The Enterprise’s Safety Online Is Everyone’s Business]

Such cases demonstrate the importance of each employee in the overall security of an enterprise. Enterprises should continuously educate and update the knowledge of employees about cybersecurity, threats, and the consequences of a successful attack. Simple solutions like 2FA can provide additional defense against attacks like identity theft and unauthorized access.

The information gained from such an attack can enable threat actors to plan new campaigns, like phishing schemes that could further affect users. Users should stay vigilant against suspicious and unsolicited emails to prevent the cascading effects of such a security breach.


Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.