Page last updated at 19:02 GMT, Monday, 5 October 2009 20:02 UK

Phishing attack targets Hotmail

By Jonathan Fildes
Technology reporter, BBC News

Windows Live logo
Reports suggest Windows Live Hotmail accounts have been hacked

Thousands of accounts on web-based e-mail system Hotmail have been compromised in a phishing attack, software giant Microsoft has confirmed.

BBC News has seen a list of more than 10,000 e-mail accounts, predominantly originating from Europe, and passwords which were posted online.

Microsoft said it had launched an investigation.

Phishing involves using fake websites to lure people into revealing details such as bank accounts or login names.

"We are aware that some Windows Live Hotmail customers' credentials were acquired illegally and exposed on a website," said a Microsoft spokesperson.

"Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers."

Quick change

Graham Cluley, consultant at security firm Sophos, told BBC News the published list may just be a subset of a longer list of compromised accounts.

"We still don't know the scale of the problem," he told BBC News.

Technology blog neowin.net was the first to publish details of the attack. It said the accounts were posted on 1 October to pastebin.com, a website commonly used by developers to share code.

Although the details have since been removed, BBC News and Neowin has seen a list of 10,028 names beginning with the letters A and B.

BBC News has confirmed that the accounts are genuine and predominantly originate in Europe.

The list included details of Microsoft's Windows Live Hotmail accounts with email addresses ending hotmail.com, msn.com and live.com.

Mr Cluley advised Hotmail users to change their password as soon as possible.

"I'd also recommend that people change the password on any other site where they use it," he said.

Around 40% of people use the same password for every website they use, he added.

Hotmail is currently the largest web-based e-mail service.



Print Sponsor


SEE ALSO
How to escape the phishing nets
02 May 05 |  Technology
Hi-tech crime: A glossary
05 Oct 06 |  UK
Q&A: Stay safe online
17 Nov 08 |  Technology
Thousands fall for Hotmail prank
08 Mar 06 |  Business
Hotmail hole exposes e-mails
20 Aug 01 |  Science/Nature

RELATED INTERNET LINKS
The BBC is not responsible for the content of external internet sites


FEATURES, VIEWS, ANALYSIS
Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit

BBC navigation

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.

Americas Africa Europe Middle East South Asia Asia Pacific