sourceMicrosoft confirmed yesterday evening that the popular web email service, Hotmail, had been targeted by malicious fraudsters in what is commonly referred to as a phishing scam, tricking users into revealing their credentials at fake websites.
Lists are circulating with genuine account information and that over 20,000 accounts have now been compromised. Non-Hotmail passport accounts have been affected too. A new list contains email accounts for Gmail, Yahoo, Comcast, Earthlink and other third party popular web mail services. It's not clear if this is login information for the service itself or the Microsoft Passport passwords.
Microsoft confirmed yesterday and issued a statement on a company blog:
"Over the weekend Microsoft learned that several thousand Windows Live Hotmail customer's credentials were exposed on a third-party site due to a likely phishing scheme. Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."
The account's name and passwords originated from pastebin.com, a site commonly used by developers to share code snippets. Pastebin owner Paul Dixon confirmed that the site was down for maintenance due to "an unprecedented amount of traffic" after our initial reports. Dixon stated "Pastebin.com is just a fun side project for me, and today it's not fun. It will remain offline all day while I make some further modifications."
Today's Update
The phishing attack has spread to Google Mail and Yahoo mail amongst others. Google has confirmed the phishing attacks.
so change ur passwords better be safe than sorry lol
Last edited by blademaster (2009-10-06 10:24:49)
