In addition to the 10,000-plus Windows Live Hotmail account names and passwords posted online yesterday, another 20,000 email accounts have been exposed, including those from Gmail, Yahoo, AOL, Comcast, and Earthlink. According to the BBC, over 30,000 accounts have now been compromised across the mail services.
A Google spokesperson told CNET that it recently became aware of the industry-wide phishing scheme through which hackers gained user credentials for webmail accounts. Google responded immediately by forcing a password reset on the 500 or so affected users. The company is also prepared to reset the passwords of any other newly compromised accounts.
Some of the accounts exposed online are old or unused, but many are genuine. All of the companies involved are recommending that users promptly and routinely change their passwords and security questions, and to exercise extreme caution when opening unsolicited attachments and links.