Hotmail Leak: Phishers Make off with Thousands of Passwords
Details of a Hotmail security breach emerged early yesterday, and it's suggested that approximately 10,000 accounts could have been compromised.
While the exact number of accounts has not yet been confirmed, the breach was likely the result of a phishing campaign -- a different kind of hack that uses fake web pages in order to acquire all kinds of sensitive information, from login data and passwords (such as in this case) to credit card and social security numbers. (Source: cnet.com)
"We determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts," said a Microsoft representative through email to Computerworld. (Source: computerworld.com)
"Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a likely phishing scheme," the spokesperson admitted.
Big Results for Phishing Campaign
Security insiders who track phishing campaigns like this one are startled by the news, but do not entirely rule out the possibility that such an immense number of passwords could be lost from such a trusted source.
"That's a big result for a phishing campaign," said chairman of the Anti-Phishing Working Group (APWG) Dave Evans. "But it's not outside the realm of possibility." Evans says that he's seen as many as 75,000 accounts compromised by phishers fooling popular Internet Service Providers (ISPs).
Hotmail Users: Change Password
To date, Microsoft has not confirmed that the total number of passwords lost is limited to just 10,000. In fact, it's equally possible that many more accounts could have been breached.
Microsoft is working on the matter, and in the meantime the Redmond-based recommends all Hotmail users should change their passwords immediately.
Free eBook: Refreshing, Resetting, and Restoring: A Guide to Recovery Options in Windows 8. When do you refresh, reset, or restore your Windows 8 PC -- and what's the difference? In a nutshell, resetting reverts a machine back to a base image of the initial installation, while refreshing is much less drastic and keeps applications and user data safe. So, which one should you choose and under what circumstances? With this eBook, you'll learn about the powerful additions to the arsenal of recovery tools found in Windows 8. Click here to download this eBook now! Note: this eBook is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.
Need tech support? Chat with Dennis now using the chat button near the bottom left of the screen.