Hotmail is currently the largest web-based e-mail service.
Over the last weekend, thousands of user names and passwords from the Hotmail service were posted on a data-sharing service called Pastebin, with potentially hundreds of thousands of additional users at risk.
Over 10,000 accounts on Hotmail (still the largest web-based email service in the world) are immediately known to be affected.
The posted accounts reportedly began with the letter A or B and were listed alphabetically.
BBC has now reported that it has seen on same website 20,000 addresses and passwords for e-mail accounts from Hotmail, Gmail, Yahoo, AOL, Gmail, EarthLink and Comcast.
Microsoft, Google and Yahoo have confirmed that the addresses are real and that the information was stolen through phishing schemes, though they have declined to provide additional details. All say they are helping affected users to recover their accounts.
Phishing involves using fake websites to lure people into revealing details such as bank accounts or login names.
"We are aware that some Windows Live Hotmail customers' credentials were acquired illegally and exposed on a website," said a Microsoft spokesperson. "Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers."
Around 40% of people use the same password for every website they use, he added.
Source: BBC and NY Times
Posts
0 Comments