Hotmail and MSN users hit in 'phishing attack'

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

Thousands of Hotmail users' details have been posted online after what Microsoft says is likely to be a phishing attack.

Neowin.net first reported the leak when it found username and password details posted online at pastebin.com, a site where developers share code.

Around 10,000 people were affected, according to Neowin, spanning hotmail.com, msn.com and live.com accounts.

The list, which alphabetically details accounts from A to B, suggests the anonymous party that originally posted it on October 1 could have details for thousands more accounts.

Neowin reported the list's existence to Microsoft's Security Response Centre, which confirmed that the data did not come from an internal breach and the list was most likely proceeds of a phishing scheme.

"Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a likely phishing scheme," Microsoft said in a statement.

Neowin.net first reported the leak when it found username and password details posted online at pastebin.com, a site where developers share code.

Around 10,000 people were affected, according to Neowin, spanning hotmail.com, msn.com and live.com accounts.

The list, which alphabetically details accounts from A to B, suggests the anonymous party that originally posted it on October 1 could have details for thousands more accounts.

Neowin reported the list's existence to Microsoft's Security Response Centre, which confirmed that the data did not come from an internal breach and the list was most likely proceeds of a phishing scheme.

"Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a likely phishing scheme," Microsoft said in a statement.

Source: NZ Herald