We use cookies to allow us and selected partners to improve your experience and our advertising. By continuing to browse you consent to our use of cookies. You can understand more and change your cookies preferences here.
When you click on a retailer link on our site, we may earn affiliate commission to help fund our not-for-profit mission.Find out more.
Some people who use email addresses managed by Microsoft have had their accounts breached by hackers.
Email addresses from Outlook, MSN and Hotmail were among those affected by the email hack.
The tech giant says the contents of some emails were exposed by the attack which affected a 'limited' number of people.
The majority of people affected have already been sent an email from Microsoft urging them to reset their password out of caution.
Read more: your rights when you're part of a data breach
According to the email Microsoft sent affected users, a support agent's credentials were compromised which gave hackers access to information within email accounts.
This included email addresses, folder names, subject lines and other email addresses in compromised inboxes.
In the email, Microsoft said the hackers didn't have access to the actual contents of emails.
But a spokesman has now confirmed about 6% of those involved could have also had the contents of their emails accessed and read.
The attack spanned between January and March this year.
In the email to users, Microsoft said it has no idea why hackers looked at the inbox information or how it might have been used.
If you were affected by the Microsoft email attack, you should now have been sent an email alerting you to this.
Microsoft said affected users might get phishing or spam emails as a result of being involved in the attack.
It is urging those people to look out for emails:
Microsoft said it regrets any inconvenience caused, is hardening its systems and has increased detection and monitoring for the affected accounts.
If you've been part of a data breach, it's important you're on high alert for scams asking you for personal details or payment.
This could be anything from emails to texts to phone calls.
If you're contacted by someone asking for personal or payment details, take steps to confirm their identity by asking to confirm who they are and ask them details about your account.
If you're sent an email or message with links, don't click on them. Open your browser and search the information independently online.
Read more: how to spot a scam
If your password wasn't part of the breach, you don't need to change it, but you may wish to for peace of mind.
You can read our advice on how to make strong passwords.
It's also a good idea to enable two-step verification for another layer of security for your account and to update your antivirus software on your account.
You should also keep an eye on your bank accounts and credit report and contact your bank immediately if you see anything suspicious.