Warning: Hotmail Passwords Leaked Online

Status
Not open for further replies.

topgear

Super Moderator
Staff member
Over ten thousand Hotmail account details have been published online.

Earlier today, Microsoft announced that it's currently looking into a possible phishing scheme that has exposed the passwords of "thousands" of Windows Live Hotmail accounts. Evidence of the hack originally surfaced over on pastebin.com last week (October 1) where the assaulting party posted the account addresses and passwords, most of which resided in Europe.

However, Neowin reports that it caught part of the list before it was removed, saying that more than 10,000 accounts were revealed. Unfortunately, the list only covered the letters A and B, indicating that there were thousands more not yet exposed to inquiring minds. The listed addresses include users with @hotmail.com, @msn.com, and @live.com domains.

"Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers’ credentials were exposed on a third-party site due to a likely phishing scheme," Microsoft said. "Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."

Microsoft added that Hotmail users should change passwords every 90 days. Administrators should approve and authenticate known users, and those that can show credentials. Users should also keep anti-virus software up to date, Microsoft said.

*www.tomsguide.com/us/Windows-Live-hotmail-Hacked-Phishing,news-4790.html
 
OP
topgear

topgear

Super Moderator
Staff member
Gmail, Yahoo, Others Also Hit in Hotmail Attack

Yesterday all 21 million Hotmail users were encouraged to change their passwords when the login details of 10,000 mostly European users were posted online. Today we learn that Microsoft's Hotmail was not the only email provider targeted in the attack.

The BBC today reports that it has received confirmation from Google that Gmail was also targeted in what the search giant described as an "industry-wide phishing scam."

"We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts," a Google spokesperson told the Beeb. "As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them."

Google went on to say that the scam was not a breach of Gmail security but "a scam to get users to give away their personal information to hackers."

The news comes following a previous report in which the BBC claimed to have seen a list of 20,000 logins and passwords for Hotmail, Yahoo, AOL, Gmail and other accounts. This number has since crept up to 30,000.

*www.tomshardware.com/news/Gmail-Yahoo-Hotmail-Attack-phishing,8796.html

I think I speak for everyone when I say, 'Ugh!' There's nothing more annoying than a phishing scam that forces you to change your passwords for everything 'just in case.'

*www.tomshardware.com/news/Gmail-Yahoo-Hotmail-Attack-phishing,8796.html
 
Status
Not open for further replies.
Top Bottom