In addition to the 10,000-plus Windows Live Hotmail
account names and passwords posted online yesterday, another 20,000 email accounts have been exposed, including those from Gmail, Yahoo, AOL, Comcast, and Earthlink. According to the BBC, over 30,000 accounts
have now been compromised across the mail services.
A Google spokesperson told CNET
that it recently became aware of the industry-wide phishing scheme through which hackers gained user credentials for webmail accounts. Google responded immediately by forcing a password reset on the 500 or so affected users. The company is also prepared to reset the passwords of any other newly compromised accounts.
Some of the accounts exposed online are old or unused, but many are genuine. All of the companies involved are recommending that users promptly and routinely change their passwords and security questions, and to exercise extreme caution when opening unsolicited attachments and links.