Over the weekend, that estimate has doubled to 60,000 Microsoft Exchange Server customers hacked around the world, with the European Banking Authority now admitting that it’s one of the victims — and it looks like Microsoft may have taken a little too long to realize the severity and patch it. Krebs has now put together a basic timeline of the massive Exchange Server hack, and he says Microsoft has confirmed it was made aware of the vulnerabilities in early January. That’s nearly two months before Microsoft issued its first set of patches, alongside a blog post that didn’t explain the scope or scale of the attack. Originally, it was even planning to wait for one of its standard Patch Tuesdays but relented and pushed it out a week early.