Microsoft confirms phishers stole 'several thousand'...


  1. Posts : 1,614
    Windows 7 Pro & Vista Home Premium
       #1

    Microsoft confirms phishers stole 'several thousand'...


    INFORMATION SYSTEMS BREACHES

    Microsoft today confirmed that thousands of Windows Live Hotmail account usernames and passwords had leaked to the Internet, but said the credentials were "likely" stolen in a phishing attack. The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part. …

    Microsoft did acknowledge that Hotmail accounts had been compromised. "Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party
    due to a likely phishing scheme," [a Microsoft] spokeswoman [said]. … According to Neowin.net, which first reported the Hotmail incident, more than 10,000 accounts had been compromised. However, Neowin said it had seen only a partial list -- accounts with usernames starting with "A" or "B" -- and suspected that the total could be much larger. [Date: 5 October 2009

    More.......Microsoft confirms phishers stole 'several thousand' Hotmail passwords
      My Computer


  2. Posts : 1,557
    XP, Seven, 2008R2
       #2

    reghakr said:
    The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part. …
    If you think about it, it's not even possible to find the passwords of everyone's account starting from A to B. Because the database would not have passwords in cleartext form. They would be hashes of some sort. In order to find out someone's password from a database, you'd have to crack the hash.

    Of course I am assuming that Microsoft stores credentials the correct way...
      My Computer


  3. Posts : 30
    Win7 RC
       #3

    sup3rsprt said:
    reghakr said:
    The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part. …
    If you think about it, it's not even possible to find the passwords of everyone's account starting from A to B. Because the database would not have passwords in cleartext form. They would be hashes of some sort. In order to find out someone's password from a database, you'd have to crack the hash.

    Of course I am assuming that Microsoft stores credentials the correct way...
    I read somewhere that a LOT of the accounts had '123456' as their passwords. Thousands did. Looks like someone needs an education in internet security, eh?
      My Computer


  4. Posts : 6,879
    Win 7 Ultimate x64
       #4

    rush2112 said:
    I read somewhere that a LOT of the accounts had '123456' as their passwords. Thousands did. Looks like someone needs an education in internet security, eh?
    That and they need to stop clicking on every link that comes through their email. This,

    Microsoft confirms phishers stole 'several thousand'...-block.png

    is one of the ones that was responsible for the phished accounts.
      My Computer


  5. Posts : 240
    Windows 7 Enterprise x64 SP1, Ubuntu 11.04 x64
       #5

    A question: Are only @hotmail.com accounts at risk, or does this include @live.com also?

    Assuming there was a hacking of Microsoft, of course. If it is just the result of successful phishing ploys, I'm sure I'm safe...probably
    Last edited by WiFi Ed; 16 Oct 2009 at 20:51. Reason: dyslexia...
      My Computer


  6. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #6

    If you're in doubt, change your password using another computer, not connected to your network. :)
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 12:44.
Find Us