Over 10,000 Windows Live passwords leaked

By on October 5, 2009, 2:13 PM
Update: Microsoft has confirmed Neowin's initial report, saying, "several thousand Windows Live Hotmail customer's credentials were exposed on a third-party site due to a likely phishing scheme." Redmond has determined that its internal data has not been breached, and it is working to help users regain control of their accounts.

Original: Neowin is reporting that thousands of Windows Live Hotmail passwords may have been compromised in a "hack" or phishing scheme. The site caught word of an anonymous post on pastebin.com, a service that allows users to upload and publicly display snippets of text like source code.

The post contained the names and passwords of over 10,000 accounts from A through B, most of which seemed to be based in Europe. The Microsoft Windows Live Hotmail accounts include those that end in @hotmail.com, @live.com, and @msn.com. Neowin reported this information to Microsoft's Security Response Center as well as PR folks in both the US and UK.

Microsoft has stated that it is "investigating the situation and will take appropriate steps as rapidly as possible." In the mean time, it would probably be a smart move to change the password and security question to your Windows Live account, no what it begins with alphabetically.

User Comments: 8

Got something to say? Post a comment
Guest said:

Accounts with A-B as 1st names or Surname. I fall into both Ooer...(:

TorturedChaos, TechSpot Chancellor, said:

Glad I haven't had a hotmail account for about 6 years .

maestromasada said:

Look it from the optimistic point of view: I can now ask anybody on the net for my hotmail account password in case I've forgotten it!

Burty117 Burty117, TechSpot Chancellor, said:

guys! more than 30,000 email accounts have now been posted accross all major webmail sites!


Guest said:

I'm curious to know what over 10,000 mean... is it 10,001 or 100,000 or 1M. give us an accurate or extremely close number.

nannhy dueh

raybay said:

Oh, but which password to use when I find them all... such a struggle.

From what I can tell, the 30,000 accounts are pretty much suppressed now... and it is easy enough to change passwords anyway. Microsoft has certainly made it a nightmare for some of my clients.

Burty117 Burty117, TechSpot Chancellor, said:

to Guest

it was 10,028 i think i read on the bbc website? but its like 30,000 now but no actual number attached.

Guest said:

Get rid of email:

It is about time to get rid of email by go to directly to the source.

Steps are:

1) Have a program that will contact your sources.

2) Download what the source have for that day or week or email

your source.

3) If your sources want to get in touch with you, use your e-mail

provider or set a special time up for computer to computer


This will all so get rid of Spam, viruses or junk mail from your e-mail provider.


Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.