Microsoft Outlook email breach might have led to hackers stealing victims’ cryptocurrency, Motherboard writes. Originally, Microsoft claimed that hackers were only able to access Outlook users’ email metadata and customer information like subject lines and names of people with whom victims were in contact. However, Motherboard writes the hack might have been used to steal people’s cryptocurrency.
“The hackers also had access to my inbox allowing them to password reset my Kraken.com account and withdrawal [sic] my Bitcoin,” said Microsoft user Jevon Ritmeester, who reportedly lost approximately 1 bitcoin.
All of Ritmeester’s emails mentioning the crypto exchange were automatically forwarded to another Gmail address. He believes having two-factor authentication would have prevented the attack as the thieves would have needed to take over his phone as well as his email. There are more people claiming to have fallen victim to the same hack, which began after hackers got hold of a Microsoft employee's login credentials, working in customer support.
Microsoft's statement said customers who believe they have been "impacted beyond what was outlined in the company’s notification should contact the Microsoft support team for assistance.”