Millions of accounts on web-based e-mail system Hotmail of Tech Giant Microsoft have been compromised in a phishing attack, software giant Microsoft has confirmed.
The huge security breach was first reported by the website neowin.net, which said a list of the account details had been posted last week on pastebin.com, a forum used by software developers.
But while the initial report indicated a security breach at Hotmail's servers, Microsoft said that the sensitive data most likely emanated from a phishing scheme in which Hotmail users were tricked into entering their information in a bogus site.
"Over the weekend, Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a likely phishing scheme," Microsoft said in a statement.
"Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."
According to Neowin, the list was posted on Friday at pastebin.com but has since been taken down. The site said it had seen parts of the list and that the accounts appeared to be genuine and mostly based in Europe. The list detailed accounts starting from A through B, suggesting that additional accounts may also have been compromised.
Tags:
Tech News