Microsoft confirmed this week that its webmail services were victim to a data breach through the first three months of 2019.
Although Microsoft did not specify the number of users affected by the breach, those who were compromised had their email addresses, email subject lines, the names of people in their conversations, and customer folder names exposed.
The company distributed an email that notified users of the breach.
“Upon awareness of this issue, Microsoft immediately disabled the compromised credentials, prohibiting their use for any further unauthorized access,” Microsoft said. “Our data indicated that account-related information (but not the content of any e-mails) could have been viewed, but Microsoft has no indication why that information was viewed or how it may have been used.”
Microsoft added that although no email login credentials were compromised, users should reset their passwords. The company also said that users may receive phishing or spam emails and that users should be careful when they see emails from misleading domain names or emails that request personal information or payments.