The same source also claimed that the hackers had access for “at least six months,” although Microsoft disputed this and maintained that the culprits’ access lasted between January 1st and March 28th. The attack was apparently part of an effort to hijack the accounts of iCloud users, making it possible to disable the Activation Lock that prevents thieves from wiping a stolen iOS device’s data.
It’s still not certain how many people were victims of the breach. Microsoft has only said there were a “limited number” of compromised accounts. However, Microsoft has hundreds of millions of webmail users with Outlook.com, Hotmail and MSN accounts. Even a fraction of a percent could still represent a large number of compromised accounts.