However, they were definitely able to see the subject lines of emails and contact information that affected users had communicated with. That last was quickly disputed, with Microsoft later admitting to Motherboard that the hackers had gained access to the content of some customers' emails, about 6 percent of those affected.
In the latest of a seemingly endless string of high-profile hacks, Microsoft confirmed to TechCrunch over the weekend that a "limited" number of people who use Microsoft's email platforms - including Outlook, MSN, and Hotmail - had their accounts compromised.
The compromise lasted from Jan 1.to March 28., with Microsoft disabling the compromised credentials as soon as it became aware of the situation.
More details, however, are now making the rounds to indicate that the incident was actually worse than explained in the software giant's announcement, as the hackers were even able to read users' emails.
Fortnite's Version 8.30.2 update available
All that's really changing here are some bug fixes for issues with matchmaking, as well as a respawn issue with the Reboot Van . The van looks quite unbelievable and we really have to applaud the designers for all the brilliant work that they've delivered.
Microsoft told customers that one of its support agent's credentials were comprised, allowing cybercriminals to access and view information such as email addresses, folder names, subject lines and other email addresses with which users interacted. The hack did not affect enterprise accounts, it added.
The company did not state how many people were affected, but said it was "a limited number of consumer accounts".
Specifically, Microsoft admitted it had sent notifications of a security breach to some users which informed them that their email content had (potentially) been read, but that this only applied to a small amount of the affected users, around 6%. It is, however, recommending users to reset their passwords just in case.
Why Microsoft would first deny that the content of victims' emails had been accessed, then when confronted with evidence to the contrary change its statement, was not immediately clear. In a blog post from April, Microsoft said that it saw an average of 300,000 phishing attempts in February alone.