Microsoft has started an investigation after having received reports that some users got access to other users’ accounts when using mobile devices.
A limited number of cases is currently inspected where users of the mobile versions of Windows Live services gained unlimited access to other people’s accounts after sign-in. On Tuesday, Microsoft stated:
Microsoft takes customers’ privacy seriously, and immediately upon learning of these reports, we started an investigation.
After the investigation, a detailed report will be published as soon as concrete results are available. According to some users, they had full access and control over the personal data and settings of other users. Probably the error was caused by aggressive mobile caching, so the wrong authentication cookies were sent to the wrong people.