Thousands of Hotmail passwords leaked online

HappyAndyK · **Thousands of Hotmail passwords leaked online -** 10-05-2009, 12:23 PM

A possible Windows Live Hotmail "hack" or phishing scheme has led to the password details of thousands of Hotmail accounts have been posted online.

An anonymous user posted details of the accounts on October 1 at pastebin.com, a site commonly used by developers to share code snippets. The details have since been removed but Neowin has seen part of the list posted and can confirm the accounts are genuine and most appear to be based in Europe. The list details over 10,000 accounts starting from A through to B, suggesting there could be additional lists.

Currently it appears only accounts used to access Microsoft's Windows Live Hotmail have been posted, this includes @hotmail.com, @msn.com and @live.com accounts.

If you are a Windows Live Hotmail user change your password and security question immediately.

nitinagarwal1988 · 10-05-2009, 12:40 PM

OMG !! thanks sir for reporting and alerting about this.....I'll change it soon !!

johnny.rotton · 10-05-2009, 12:51 PM

THanks for the info Andy, all changed. JR

roraniel · 10-05-2009, 01:08 PM

Changed. Actually I needed to update it. My old password was rated as Weak!!!

DeborahJ · 10-05-2009, 01:22 PM

Thanks for the heads up...changing!

seti · 10-05-2009, 03:32 PM

I am not sure if there is need to panic about this right away. Thank you for the information

roraniel · 10-05-2009, 03:40 PM

When I reset my password I noticed that I had the option to have it expire every 72 days.

I do not know if this is only an option for paid accounts but it was an option.

seti · 10-05-2009, 03:42 PM

Quote:

Originally Posted by roraniel

When I reset my password I noticed that I had the option to have it expire every 72 days.

I do not know if this is only an option for paid accounts but it was an option.

I think this has been there for a long time now as an option to use.

pyu.agrawal · 10-05-2009, 04:48 PM

Changed. But no word from MS as of now, isin't it strange ?

r.k · 10-05-2009, 08:19 PM

Update 1: According to BBC News, Microsoft is currently "investigating the situation and will take appropriate steps as rapidly as possible."

Update 2: Microsoft has now fully confirmed our reports. According to a Microsoft spokesperson "over the weekend Microsoft learned that several thousand Windows Live Hotmail customer's credentials were exposed on a third-party site due to a likely phishing scheme. Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."

Source:Neowin