Hackers reportedly abused Microsoft's customer support to read Hotmail, Outlook.com email

It's not a bad idea to change your email password anyway.

Hackers reportedly compromised a Microsoft customer support account, exposing its credentials, and by extension customer email on Microsoft web-based email services like Hotmail, Outlook.com, and MSN.

TechCrunch reported over the weekend that Microsoft is sending emails to affected users, warning them of the issue. Presumably, those users who have not been contacted are unaffected.  (Microsoft hasn't said how many accounts were affected, nor did the company identify the specific services affected.)

At the time, Microsoft believed the attackers would only be able to read header information, such as the subject line or the address from which the email was sent. On Monday, however, Motherboard reported that email content was accessible as well. Microsoft then confirmed to Motherboard that a small number of users—six percent, according to Motherboard—had received email notifications stating that their email content had been impacted.

Microsoft representatives hadn’t responded to a request for comment by press time.

According to the original email sent to users, Microsoft said that the login information of individual users was not at risk; however, the company warned that attackers could send phishing emails or other attempts to either trick or pry personal information away from users. Microsoft recommended that users change their passwords as a precaution.

Unfortunately, if a user was one of the small number of users whose emails were directly accessed, that means that any personal information communicated during the January 1 - March 28 timeframe is potentially compromised.

“Please be assured that Microsoft takes data protection very seriously and has engaged its internal security and privacy teams in the investigation and resolution of this issue, as well as additional hardening of systems and processes to prevent such recurrence,” Microsoft’s original email stated, as reported by a user on Reddit

What this means to you: If you use one of Microsoft’s affected services, consider changing your password anyway—the scope of the breach may widen. Also, dig down into your spam folder. While it’s unlikely that an email of this importance was buried, it’s possible, and you’ll want to know about it. 

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags microsoft outlook

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Mark Hachman

Mark Hachman

PC World (US online)
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Cate Bacon

Aruba Instant On AP11D

The strength of the Aruba Instant On AP11D is that the design and feature set support the modern, flexible, and mobile way of working.

Dr Prabigya Shiwakoti

Aruba Instant On AP11D

Aruba backs the AP11D up with a two-year warranty and 24/7 phone support.

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers


This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang


It really doesn’t get more “gaming laptop” than this.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?