Security Bytes

Oct 6 2009   3:03PM GMT

Massive phishing scheme affects Microsoft Hotmail accounts

Robert Westervelt Robert Westervelt Profile: Robert Westervelt


Hotmail passwords stolen; Gmail, Yahoo affected as well.

Microsoft is blaming a highly successful phishing scheme for pilfering thousands of passwords to Microsoft Hotmail Live email account holders. In a blog posting, Microsoft said the Hotmail credentials were stolen over the weekend and posted to a third party website. In an update it said it was working to block access to exposed accounts.

Microsoft has set up a process for affected account holders to reclaim their Hotmail account.

Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts.

According to a report by, an anonymous user posted details of the phished account credentials Oct. 1 at, a site commonly used by developers to share code snippets. The list contained information on more than 10,000 accounts, according to the report.

An updated Neowin report found other webmail services affected as well including Comcast, Earthlink account holders.

Attackers have been stealing credentials to webmail accounts for years. The accounts are targeted to steal information or to be used as a platform to set up spamming runs before the accounts are identified and shut down by the email provider. If anything the message here is to get into the habit of regularly changing your passwords.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: