Microsoft has confirmed that hackers were able to read email from Microsoft's Outlook, MSN and Hotmail email services, Motherboard reported this week.
This is on the heels of a report from TechCrunch on Saturday evening that there was a breach on Microsoft's email services, which the company said let attackers access email addresses, folder names, subject lines and other email addresses users have written to, but not the content. But now Microsoft has admitted that wasn't the case.
Motherboard's source suggested that hackers could access accounts for six months, though Microsoft is standing by an email it sent to affected users between January 1 and March 28.
“We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access,” a Microsoft spokesperson told Motherboard.
It is unclear exactly how many accounts were affected. Users should change their passwords out of an abundance of caution.
“Our notification to the majority of those impacted noted that bad actors would not have had unauthorized access to the content of e-mails or attachments," a Microsoft spokesperson told The Verge. "A small group (~6 percent of the original, already limited subset of consumers) was notified that the bad actors could have had unauthorized access to the content of their email accounts, and was provided with additional guidance and support."