The technology giant said a “limited” number of accounts had been affected by the breach, but confirmed around 6% of those involved may have seen the content of their emails become accessible to the attackers.
According to an email sent to the majority of affected users and then posted online, the firm said a Microsoft support agent’s credentials were compromised, potentially allowing unauthorised access to some account information.
For most this included a person’s email address, folder names, subject lines of emails and the names of other email addresses users communicated with between January and March this year, but not the content of emails or attachments.
However, when approached for comment on the incident, Microsoft confirmed that a small group of users had also been notified that bad actors could have gained unauthorised access to the wider contents of their emails.
The company said it was providing additional guidance and support to those users.
“We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the compromised credentials and blocking the perpetrators’ access,” a Microsoft spokesman said of the incident.
Microsoft operates email services including Outlook, MSN and Hotmail.
The company has not confirmed the number of accounts, in total, affected by the breach.
The firm warned in its email that users might receive more spam and phishing emails as a result of the incident, and urged users not to click on links from email addresses they did not recognise.
The company added that although password information had not been affected, it encouraged users to change their log-in details “out of caution”.
The tech giant said it had also increased detection and monitoring for the affected accounts.
The incident follows the discovery in January of more than 770 million email addresses from a variety of services in an online database allegedly used by hackers.