Microsoft confirms publication of stolen Hotmail accounts

Microsoft has confirmed that the credentials of thousands of stolen Windows Live Hotmail accounts have been made public. The software giant advises its users to change the password and check their bank account properly.

Around October 1, strangers published a list of more than ten thousand Hotmail accounts on the Pastebin.com website. These are e-mail addresses starting with the letters ‘a’ and ‘b’, and ending with Hotmail.com, msn.com and live.com, so reports the BBC. The British broadcaster says it has seen the list and states that the data is authentic. It would mainly concern accounts of European users. The account list has since been removed from Pastebin.

Microsoft confirms the problem and said it has launched an investigation into the source of the list and the potential impact on Windows Live Hotmail users. The software giant urgently advises users of its free webmail service to immediately choose a different password. Because many users also use the same password to log in to other websites, Microsoft states that they would do well to change their password there as well. In addition, users should keep a close eye on their bank account to identify any suspicious transactions.

Where exactly the list of account details comes from is unknown. Microsoft claims that the published credentials do not come from the company itself and suspects that they were obtained through phishing, but evidence is still lacking. An employee of the security firm Sophos says the list of 10,000 accounts may be just the tip of the iceberg and many more Hotmail accounts may have been affected.