Another batch of crypto users have lost money recently through an unlikely breach. Recently, Microsoft services such as Hotmail, MSN, and Outlook have been hit by a breach. It was later learned that the breach was due to an employee’s credentials being compromised, which was used to gain access to customer support account. Using this account, the hackers were able to access information regarding customers email address such as the subject lines of their emails and who they’ve communicated with. But recent revelation shows that the breach was deeper than anticipated and had unintended consequences.
Unlike previously thought, hackers didn’t just have information about the emails, they could actually go through the mail and this changed the case completely. Nowadays, it seems like whatever happens, crypto gets in someway. Even in this case of a breach in Microsoft services, crypto was present. The hackers used the access they had to emails of people to get into accounts they had on other sites like crypto exchanges, basically, to reset the passwords. And using the access they had to crypto wallets of the users, hackers transferred funds to themselves. In order to avoid detection, these hackers moved the emails from inbox to trash, and only a look into the trash emails reveals such activities. This was especially devastating for those people who did not have two-factor authentication.
What makes the story even more bizarre is the fact that some sources suggest that hackers had access to the said customer support account for over six months. The story is an ironic one too as these customer support accounts are the same place someone depends on in the event of a hack or breach, but ended up being used to steal customer emails. Although Microsoft has tried to downplay the impact of the breach by saying only 6 percent of the users have been affected and no enterprise customers have been affected, it is a really serious breach considering the fact that hackers were able to access data without any restriction. This would not have been the case if those emails were end-to-end encrypted like in Whatsapp, but government agencies sure will not like it. As Edward Snowden has put it rightly, we cannot make a device secure against hackers while at the same time putting backdoors for governments, hackers can simply use the backdoor meant for the government. If email is to be secure, it has to be secured against everyone including the company that provides the service itself. As more and more people rely on the internet for their finances, this becomes more relevant.
You might also like
More from Crypto
OpenSea is the most popular NFT marketplace currently, raking in billions in volume over the last month and benefiting extensively …
Should you play Axie Infinity? In this article, we'll lay out a detailed Axie Infinity guide, and explain exactly how …