Cybercriminals are targeting Microsoft Outlook users to steal sensitive data related to their crypto exchange accounts, a report by VICE’s Motherboard revealed.
A group of hackers already attacked Outlook accounts by stealing the credentials of a Microsoft customer support employee. That gave them access to metadata of the email users which includes the subject line of the emails, recipient or senders address and other details without the actual content. The breach was confined to any non-corporate Outlook, Hotmail, or MSN account
However, in recent days, multiple email users came out to reveal that hackers are targeting specific emails related to their cryptocurrency accounts.
Crypto exchange credentials compromised
“The hackers also had access to my inbox allowing them to password reset my Kraken.com account and withdrawal [sic] my Bitcoin,” Jevon Ritmeester, a victim of this breach, told Motherboard.
He even shared breach notification emails and screenshots of email forwarding rules set up by the hackers with the publication. In his case, any email with the keyword “Kraken” was redirected to an unknown Gmail account.
Ready to kick-off your Trading Game with Manchester United?Go to article >>
Ritmeester lost 1 Bitcoin worth around $5,000 stored in his Kraken account to the hackers.
Many other victims also took to social media to share their experiences with the massive breach of data.
Earlier, the tech giant already confirmed about the meta-data breach. Now, the company is addressing the new issue and, in an email to the publication, wrote: “Customers who believe they have been impacted beyond what was outlined in the company’s notification should contact the Microsoft support team for assistance.”
The victims, however, are not fully convinced with Microsoft’s approach towards the issue.
“I think Microsoft talks about this way to lightly [sic] about this leak and I think there are a lot of users who have suffered damage in one way or another as there is a lot of sensitive information in an inbox,” Ritmeester added. “I am planning to at least file a police report and thinking about holding Microsoft liable for the financial damage and the fact that a lot of my personal information may get leaked in the near future.”