Thousands of Hotmail passwords leaked

Microsoft confirms phishing scam while reports mount that Gmail and Yahoo! accounts have also been affected

Tags: Cyber crimeHotmailMicrosoft CorporationPhishingUSAUnited Arab Emirates
  • E-Mail
Thousands of Hotmail passwords leaked Microsoft has blocked access to the accounts affected by the phishing scam. (Getty Images)
By  Vineetha Menon Published  October 6, 2009

Microsoft has confirmed that "several thousands" of Hotmail passwords were leaked online as part of a massive phishing attack that shows no signs of abating just yet.

An anonymous user posted details of the accounts on October 1st at but Microsoft has since taken down the information. Tech site Neowin, which was the first to post details of the phishing attack, managed to see part of the list and revealed that most of the accounts appear to be based in Europe - this includes, and accounts.

While initial reports claimed passwords from 10,000 accounts were leaked, it's now believed that the figure could actually be closer to the 30,000 range.

Worryingly, the BBC has now reported that e-mail addresses and passwords from other service providers like Yahoo!, AOL and Gmail are also on the list.

"Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a likely phishing scheme," the company said in a statement. "Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."

While there have been no reports yet on any user from the Middle East being affected, Microsoft has asked anyone who believes their information was put up on the illegal list to fill out a form online to reclaim access.

3503 days ago

It happened to me also , but due to having knowledge about phishing attacks. I didnt reply to any request for typing my password. Any contact in my msn list appeared online & pasted me the link which took me to a website asking for msn/hotmail/live account & password. Which i didnt type @ all. A basic understanding of internet attacks, security measures to stop those attacks should be publicized to users in order to save them in the future.

3515 days ago
Jeffrey Kershaw

How can we tell if our hotmail details have been leaked or not? There must be a website or list where we can check and if necessary change our passwords - probably a good idea anyway. What is happening? What are Microsoft doing to avoid huge damage???

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code