Hotmail, Microsoft’s free online email service, finds itself in hot water when 10,000 email accounts usernames and passwords were recently discovered posted in a code-sharing website.

BBC News has reported that these Hotmail account owners, mostly from Europe, were victimized by a phishing attack. Microsoft is currently investigating the incident, and hinted that there may be more users who have inadvertently compromised the privacy of their email accounts.

The total scale of the phishing attack has yet to be determined, since the 10,028 Hotmail usernames and passwords are only of users whose names begin with A or B. Microsoft has confirmed the accounts to be genuine.

Microsoft has also taken action to remove the passwords and usernames from the website. As of now, there is no news regarding what action the software giant will take against the instigators of the attack, nor what the impact will be to the owners of the compromised accounts. Microsoft has advised users to immediately change their passwords, and warned email account holders to be more careful in responding to emails.

Phishing is an online scam in which email accounts are sent fake emails disguised as legitimate correspondence from trusted websites. Once the recipient clicks on a link included in the email, his or her account is then compromised, allowing phishers to gain access to account information as well as other sensitive information, including bank passwords and credit card accounts.

The original BBC story can be found here.

Published with permission from TechAdvisory.org. Source.