The attack appears to be confined to Microsoft's webmail accounts, which include, Hotmail and MSN. It is not clear how Motherboard's source knows all this inside information, but the source apparently 'witnessed the attack in action,' notified Motherboard before Microsoft disclosed the intrusion and provided screenshots as proof. 'A small group (~6 percent of the original, already limited subset of consumers) was notified that the bad actors could have had unauthorized access to the content of their email accounts, and was provided with additional guidance and support.' 'Our notification to the majority of those impacted noted that bad actors would not have had unauthorized access to the content of emails or attachments,' a Microsoft spokesperson said in a statement. Microsoft denied that in a statement to The Verge. Motherboard's source, however, said that the intrusion lasted for six months. 1, 2019 to Mabefore it was discovered and turned off, according to Microsoft. According to Microsoft's first notification, one of its support technicians had his or her access credentials stolen by an attacker, allowing the attacker to break into the support interface and access the company's webmail back-end systems.
