Wednesday, October 7, 2009

Thousands of Hotmail passwords leaked online

Update - there are now 20,000 accounts affected and non-Hotmail addresses.

Neowin has received information regarding a possible Windows Live Hotmail "hack" or phishing scheme where password details of thousands of Hotmail accounts have been posted online.

An anonymous user posted details of the accounts on October 1 at, a site commonly used by developers to share code snippets. The details have since been removed but Neowin has seen part of the list posted and can confirm the accounts are genuine and most appear to be based in Europe.

The list details over 10,000 accounts starting from A through to B, suggesting there could be additional lists. Currently it appears only accounts used to access Microsoft's Windows Live Hotmail have been posted, this includes, and accounts.

Neowin has reported this immediately to Microsoft's Security Response Center and to Microsoft's PR teams in the UK and US and we are currently awaiting feedback on the situation. As this is a breaking story please check back frequently as the story will be updated as soon as more information becomes available.
If you are a Windows Live Hotmail user Neowin recommends that you change your password and security question immediately.
Thanks to Chris for the news tip

Update: According to BBC News, Microsoft is currently "investigating the situation and will take appropriate steps as rapidly as possible."

Update 2: Microsoft has now fully confirmed our reports. According to a Microsoft spokesperson "over the weekend Microsoft learned that several thousand Windows Live Hotmail customer's credentials were exposed on a third-party site due to a likely phishing scheme.

Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."


Guys and Girls please change your password as soon as possible. We will never know that our password have been taken and are keep for later use. Our email account is important because we keep our important stuff in there. The bad part is that our bank account password or any sort of thing is keep in there.

So i  am getting going to change my hotmail password

2 Lovely Comment:

Anonymous said...
This comment has been removed by a blog administrator.
kenwooi said...

wow.. thats bad..