The webmail services affected include platforms like Outlook, Hotmail, and MSN.
The company sent out an email to affected users stating that hackers were able to access user email addresses, subject lines of emails, names of their email contacts, and folder names.
Microsoft stated that the content of emails and login credentials were not compromised in the data breach, but still recommended that affected users change their passwords.
Hackers reportedly accessed Microsoft's system by compromising a customer support agent's credentials, which the company said it has now disabled.
The unauthorised access to this webmail data was recorded between 1 January 2019 and 28 March 2019.