A couple of weeks back, news of several of Microsoft’s Outlook accounts being compromised surfaced. It is shocking enough that hackers had access to those accounts for almost three months (January to March this year) without getting detected.
Now, a new report by Motherboard claims that many of those victims were robbed of cryptocurrency from their accounts — and this might be the main motive behind this attack.
The breach took place when a hacker got hold of a Microsoft customer support worker’s login credentials. Using it, the hacker could access the content of any non-corporate Outlook, Hotmail, or an MSN account.
Jevon Ritmeester, a Microsoft account holder, told Motherboard that the hackers used the access to his inbox to reset the password for his Kraken.com account (popular cryptocurrency exchange) and withdrew Bitcoins from it.
Ritmeester also showed the breach notification emails he received from Microsoft and a screenshot which confirmed that the hackers had set up email forwarding settings in his account.
“Anytime an email mentioned the term “Kraken,” his account would automatically forward it to a Gmail address presumably controlled by the hackers.”
It also included emails for password reset and Bitcoin withdrawal requests. After checking the trash of his email account, Ritmeester found someone had requested both of them.
He added that 1 bitcoin worth $5,000 at the current exchange rate was stolen from him. Also, Ritmeester isn’t the only one who reported a theft of cryptocurrency due to the breach. Users on Reddit and other forums are also complaining of the same.
The most surprising part of this whole incident is Microsoft’s response towards it. The software giant is trying to downplay the impact of the Outlook data breach.
Initially, it said that only email metadata and customer information, such as subject lines and the names of other email addresses were exposed.
Despite being presented with evidence that the email content had also been affected and fully aware that content was exposed, Microsoft simply chose to issue breach notification emails to victims.
As far as the cryptocurrency theft is considered, Microsoft hasn’t commented yet.