Microsoft: Hackers compromised support agent’s credentials to access customer email accounts
After getting hold of the login details of a Microsoft customer support agent, threat actors obtained sensitive email account data of a limited number of users of Microsoft email services (such as @hotmail.com and @msn.com) between January 1 and March 28 of this year. The compromised information includes email addresses, folder names, email subject lines, and email addresses of contacts. However, the company claims that the content of emails was not accessed and that the attackers did not obtain login credentials.
Microsoft has deleted the compromised customer support account and has informed the affected users. The company also stated that it “increased detection and monitoring to further protect affected accounts.”
This incident is a good example of how customer service arrangements can put users at risk. Not only can threat actors try to compromise customer service accounts in order to access sensitive information, but they may also attempt to manipulate customer service agents into revealing sensitive information about a user account by pretending to be the account owner.