Microsoft Outlook Security Breach Targeted Bitcoin Accounts
Earlier in April 2019, Microsoft Hotmail, MSN, and Outlook email accounts suffered a severe security breach. Now, a good number of the victims have revealed that their cryptocurrency wallets were hacked during the ugly incident, reports Motherboard on April 29, 2019.
Microsoft Customer Support Account Hacked
Per the report, the login details of a customer support staff at Microsoft was illegally obtained earlier this month. The breach enabled the attacker to access several email accounts including those on Outlook, MSN, and Hotmail.
Armed with the login details, the cyberpunks were able to gain access to sensitive information contained in other non-corporate Outlook, Hotmail, or MSN email accounts, using the data to hack into peoples’ cryptocurrency wallets.
For instance, Jevon Ritmeester, one of the victims’ of the hack, revealed that the password of his account on the Kraken cryptocurrency exchange was changed and his single bitcoin was stolen.
Ritmeester revealed that he failed to implement 2-Factor Authentication (2FA) on his Kraken account, making it much easier for the fraudsters to steal his holdings since they did not have to bother about conducting a SIM swapping attack.
To make their unlawful act easier, the hackers implemented an email forwarding feature on the victim’s email account which automatically redirects any message containing the keyword “Kraken” to a Gmail address controlled by them.
In the same vein, any Bitcoin withdrawal request, approvals, and password-related messages were also forwarded to the new address.
Ritmeester in a publication on Reddit stated that Microsoft is not taking the security breach seriously and is trying to cover up the event. He also said that he is taking the matter to the police and Microsoft will have to pay for the losses he incurred.
It’s worth noting that Ritmeester is not alone in this strange ordeal. A Reddit user with the moniker, shinratechlabs stated that he lost about $25,000 worth of cryptocurrency as a result of the hack even though the virtual assets involved were not mentioned.
Despite the severe losses suffered by users of Microsoft, the firm has been accused of not doing enough to commensurate the victims or even offer a form of apology.
“I feel Microsoft is trying to cover up and is not taking this matter seriously,” lamented Ritmeester. he also added that:
“I am looking to file a police report and I’m thinking about holding Microsoft liable for the financial damage and the fact that a lot of my personal info may get leaked again.”