Tom Warren reports:
Neowin has received information regarding a possible Windows Live Hotmail “hack” or phishing scheme where password details of thousands of Hotmail accounts have been posted online.
An anonymous user posted details of the accounts on October 1 at pastebin.com, a site commonly used by developers to share code snippets. The details have since been removed but Neowin has seen part of the list posted and can confirm the accounts are genuine and most appear to be based in Europe. The list details over 10,000 accounts starting from A through to B, suggesting there could be additional lists. Currently it appears only accounts used to access Microsoft’s Windows Live Hotmail have been posted, this includes @hotmail.com, @msn.com and @live.com accounts.
Read more on Neowin.net
Update: Gregg Keizer of Computerworld reports:
Microsoft today confirmed that thousands of Windows Live Hotmail account usernames and passwords had leaked to the Internet, but said the credentials were “likely” stolen in a phishing attack.
The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part.