Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft confirms phishers stole 'several thousand'...

11 Oct 2009   #1
reghakr

Windows 7 Pro & Vista Home Premium
 
 
Microsoft confirms phishers stole 'several thousand'...

INFORMATION SYSTEMS BREACHES

Microsoft today confirmed that thousands of Windows Live Hotmail account usernames and passwords had leaked to the Internet, but said the credentials were "likely" stolen in a phishing attack. The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part.

Microsoft did acknowledge that Hotmail accounts had been compromised. "Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party
due to a likely phishing scheme," [a Microsoft] spokeswoman [said]. According to Neowin.net, which first reported the Hotmail incident, more than 10,000 accounts had been compromised. However, Neowin said it had seen only a partial list -- accounts with usernames starting with "A" or "B" -- and suspected that the total could be much larger. [Date: 5 October 2009

More.......Microsoft confirms phishers stole 'several thousand' Hotmail passwords


My System SpecsSystem Spec
.

12 Oct 2009   #2
sup3rsprt

XP, Seven, 2008R2
 
 

Quote   Quote: Originally Posted by reghakr View Post
The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part. …
If you think about it, it's not even possible to find the passwords of everyone's account starting from A to B. Because the database would not have passwords in cleartext form. They would be hashes of some sort. In order to find out someone's password from a database, you'd have to crack the hash.

Of course I am assuming that Microsoft stores credentials the correct way...
My System SpecsSystem Spec
12 Oct 2009   #3
rush2112

 

Quote   Quote: Originally Posted by sup3rsprt View Post
Quote   Quote: Originally Posted by reghakr View Post
The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part.
If you think about it, it's not even possible to find the passwords of everyone's account starting from A to B. Because the database would not have passwords in cleartext form. They would be hashes of some sort. In order to find out someone's password from a database, you'd have to crack the hash.

Of course I am assuming that Microsoft stores credentials the correct way...
I read somewhere that a LOT of the accounts had '123456' as their passwords. Thousands did. Looks like someone needs an education in internet security, eh?
My System SpecsSystem Spec
.


12 Oct 2009   #4
stormy13
Microsoft MVP

Win 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by rush2112 View Post
I read somewhere that a LOT of the accounts had '123456' as their passwords. Thousands did. Looks like someone needs an education in internet security, eh?
That and they need to stop clicking on every link that comes through their email. This,

-block.png

is one of the ones that was responsible for the phished accounts.


My System SpecsSystem Spec
16 Oct 2009   #5
WiFi Ed

Windows 7 Enterprise x64 SP1, Ubuntu 11.04 x64
 
 

A question: Are only @hotmail.com accounts at risk, or does this include @live.com also?

Assuming there was a hacking of Microsoft, of course. If it is just the result of successful phishing ploys, I'm sure I'm safe...probably
My System SpecsSystem Spec
16 Oct 2009   #6
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

If you're in doubt, change your password using another computer, not connected to your network.
My System SpecsSystem Spec
Reply

 Microsoft confirms phishers stole 'several thousand'...




Thread Tools





Similar help and support threads
Thread Forum
Microsoft claims former manager stole 600MB of confidential data
Microsoft claims former manager stole 600MB of confidential data | WinRumors
News
Microsoft Confirms Critical IE Bug, Works on Fix
Read more: Microsoft Confirms Critical IE Bug, Works on Fix - PCWorld
Security News
Hotmail Phishers Impersonate Microsoft Employees
Hotmail Phishers Impersonate Microsoft Employees - Softpedia
Security News
Microsoft confirms XP zero-day exploit.
For those of us that still use or have XP loaded... Hackers exploit Windows XP zero-day, Microsoft confirms Source Hackers exploit Windows XP zero-day, Microsoft confirms - Computerworld Tool/fix provided - Microsoft Fix It
News
Microsoft Confirms x64 Windows 7 Aero Vulnerability
Source - Microsoft Confirms x64 Windows 7 Aero Vulnerability - In the Windows Canonical Display Driver - Softpedia
News
Microsoft confirms 0-Day IIS security vulnerability
Microsoft has confirmed officially a zero-day security vulnerability affecting Internet Information Services (IIS). The security hole was initially reported just ahead of Christmas on December 23rd, and the Redmond company provided the first response at the end of the past week. So far, the issue...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:56.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App