According to Neowin, there has been a major security breach over at Windows Live. Details are still scarce, but apparently a list of over 10,000 email accounts were posted over at Pastebin this past weekend. The list Neowin read listed account-names all starting with the letters A and B, which suggests that there might be additional lists. Neowin also points out that the leaked accounts seems to be valid and that most of them originate from Europe.
Neowin says that they have reported the incident to Microsoft, but have still not heard back from them.
With this information in mind, we encourage all of our readers who have a Windows Live (including old Hotmail accounts) to immediately change their passwords.
Update: Microsoft has confirmed the breach. According to Microsoft’s official statement, this was caused by an external phishing attack rather than a security breach on Microsoft’s servers. In the statement, Microsoft downplays the incident as ‘affecting some Hotmail customers.’ To me 50 or 100 accounts would have been ‘some hotmail customers.’ 10,000+ is way more than ‘some.’
[...] This post was mentioned on Twitter by Email Service Guide. Email Service Guide said: More than 10,000 Windows Live / Hotmail accounts might have leaked. http://bit.ly/4rEi9f #hotmail #windowslive [...]
[...] rather lame phishing attempt.Yesterday we reported that Microsoft Live/Hotmail was exposed to an extensive phishing scheme. Apparently the attack was [...]
[...] Hotmail, and Yahoo e-mail account passwords had been phished and posted online (which we covered here and here). This is neither the first nor the last time security has been or will be compromised by [...]