Microsoft says that its email service Outlook.com has suffered a security breach with some users’ addresses, folder names and subject lines visible to a hacker.
The company also notified a small number of users that email contents may have been viewed.
The tech giant says that an employee’s credentials were compromised, giving a hacker access to a number of accounts for the first three months of 2019. Microsoft has not said how many accounts were affected.
“Our data indicates that account-related information (but not the content of any e-mails) could have been viewed, but Microsoft has no indication why that information was viewed or how it may have been used,” the tech company informed affected users in an email.
However, responding to an article in the online Vice website Motherboard, Microsoft confirmed that some users were advised that the content of their emails may have been vulnerable to the hacker.
The company has now advised affected users to reset their passwords.
Outlook is one of the world’s biggest email ecosystems, alongside Gmail and Yahoo.
“Microsoft regrets any inconvenience caused by this issue,” says the security notification. “Please be assured that Microsoft takes data protection very seriously and has engaged its internal security and privacy teams in the investigation and resolution of the issue, as well as additional hardening of systems and processes to prevent such recurrence.”
There is no indication yet of who might be responsible for the hacking incident.