Hotmail security breach confirmed as phishing attack

Darren Allan

October 6, 2009

Microsoft has confirmed that Hotmail password details were posted online as a result of a phishing scam.

The details of thousands of accounts were posted up earlier this week, and according to a piece in The Guardian, Microsoft said that its security wasn’t at fault.

“Over the weekend, Microsoft learned that several thousand Windows Live Hotmail customers’ credentials were exposed on a third-party site due to a likely phishing scheme,” Microsoft stated in the Guardian report.

Neowin, the site that first broke the story, is now claiming that more lists of login details are circulating, and over 20000 accounts are affected (double the original number).

Neowin says these aren’t just Hotmail accounts either, but non-Hotmail passport accounts: “A new list contains email accounts for Gmail, Comcast, Earthlink and other third party popular web mail services. It’s not clear if this is login information for the service itself or the Microsoft Passport passwords.”

Security experts are advising that Hotmail users change their passwords.


Comments in chronological order (1 comment)

  1. mary blair says:

    some body has hacked our email adress cant get into email.

Post a comment

Your email address will not be published. Required fields are marked *

Visited 4435 times, 1 so far today