Dina Bass reports:
Microsoft Corp., whose Internet- identification service was partly shut down for an hour this morning, is looking into reports that a “limited number” of customers were able to gain access to other users’ accounts.
The breach occurred when users were trying to get into their own accounts using a mobile-phone Web browser, the company said in an e-mailed statement. It wasn’t clear if the security hole was related to the shutdown, Microsoft said.
[…]
Masato Kimura, a Hotmail user in Rockville, Maryland, said the security flaw began and ended at about the same time as the broader service failure. Kimura said he was trying to check his Hotmail messages from his LG Electronics Inc. Voyager phone when a different account popped up.
“All of a sudden, I saw an inbox that looked very unfamiliar to me,” he said. “I tried it again and got yet another inbox. I tried it several times and each time I would be getting a different inbox.”
Read more on Bloomberg.