Email accounts across Microsoft's Outlook, Hotmail and MSN services were left vulnerable for nearly three months after it emerged that hackers had targeted them.
Microsoft sent a warning to Outlook users detailing a hack that lasted from January 1 to March 28. Because of that, an European Union investigation is likely to follow into whether Microsoft complied with the regulation and whether it did its best to prevent the hack.
As of now, it remains undisclosed exactly how many users were affected by the breach.
In an email being sent to affected users, Microsoft claims that apart from the content of the emails including attachments, the hackers could have possibly viewed account email addresses, folder names and subject lines of the mails sent and received, The Verge reported on Saturday.
The case came into notice when the software giant discovered that credentials of a support agent were compromised for its Web mail service which led to unauthorised access into some accounts.
Palm Sunday: What it means to Christians
This year, Palm Sunday falls on April 14, Good Friday falls on April 19 and Easter Sunday will be celebrated on April 21. Commemorating Palm Sunday with palm branches goes back to the early Christian church.
Why Microsoft would first deny that the content of victims' emails had been accessed, then when confronted with evidence to the contrary change its statement, was not immediately clear. Paid-for, enterprise accounts were unaffected-only consumer accounts were hit.
In our original story, we shared the email that Microsoft was sending out to those who had been affected by the attack, explaining that hackers had only been able to access a limited amount of information. Microsoft has only said there were a "limited number" of compromised accounts.
Microsoft did not respond to multiple requests for additional comment. The site was tipped off about the greater extent of the hack by an unnamed source, and the fact that email messages - rather than just subject lines - had been accessed was subsequently confirmed by Microsoft.
Though Microsoft said user credentials were not impacted, it nonetheless advised users to reset their email password.