Microsoft Hack Leads to Crypto Loss
In early April, Microsoft Outlook email users were targeted by a hack that saw many addresses compromised. Both email content and metadata were stolen and used without permission, but it appears their cryptocurrency stashes were also meddled with. Some victims of the hack are now reporting thousands of dollars in crypto funds that were taken from their online accounts. It appears stealing cryptocurrency was the hackers’ primary objective.
The hack occurred when the attackers breached Microsoft’s email system through staffers’ login credentials. They then posed as employees of Microsoft to illegally access everyone’s email messages but adding insult to injury was the fact that some saw their digital assets disappear overnight.
One user, who goes by the name Jevon Ritmeester, was notified of the hack by Microsoft. He comments:
The hackers also had access to my inbox allowing them to password reset my Kraken.com account and withdraw [sic] my bitcoin.
As one of the world’s largest and most popular cryptocurrency exchange, Kraken was repeatedly targeted by the hackers, as many victims claim to be Kraken account holders. They also made sure that any emails in the addresses they hacked that had the word “Kraken” in them were ultimately forwarded to accounts that they controlled. Thus, any messages to the victims warning them of the hack and telling them to reset their usernames or passwords were ultimately sent to the hackers, preventing any changes and allowing the attacks to continue.
Ritmeester claims to have lost approximately $5,000 in bitcoin funds. He explained in an interview:
I think Microsoft talks about this way too lightly [sic] about this leak, and I think there are a lot of users who have suffered damage in one way or another as there is a lot of sensitive information in an inbox. I am planning to at least file a police report and thinking about holding Microsoft liable for the financial damage and the fact that a lot of my personal information may get leaked in the future.
What Does Microsoft Know?
At the time of writing, it is unknown if Microsoft knew about the attack or of the stolen funds. It is also unknown how many people were affected. Either way, it is important that the people that were allegedly compromised by the attack take the necessary steps to ensure their safety in the future, i.e. implementing two-factor authentication for their accounts.
Live Bitcoin News recently reported that while problems such as ransomware continue to persist throughout the cryptocurrency space, mining-based attacks are becoming a thing of yesterday. Still, it appears hackers have not dripped away completely.