Microsoft acknowledges Windows Live ID breach

Share this article:

The credentials of thousands of Microsoft Windows Live ID accounts were posted online late last week, company officials said Monday.

The company confirmed Monday in a blog post that several thousand Windows Live customers had their usernames and passwords exposed on a third-party site over the weekend.

"Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers," the post said. "As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."

Windows Live IDs let users gain entry into Hotmail, Messenger, Xbox LIVE, according to Microsoft. The usernames and passwords that were leaked may also be used for other Microsoft services, including the company's web-based Office program and the Skydrive online storage service.

News of the breach spread early Monday, but it was unclear how the credentials were originally obtained.

“An anonymous user posted details of the accounts on [Monday] at pastebin.com, a site commonly used by developers to share code snippets,” Tom Warren, a blogger at Neowin, a technology news website, wrote in a report Monday. “The list details over 10,000 accounts starting from A through to B, suggesting there could be additional lists.”

Microsoft recommended that users change Windows Live passwords, and that administrators make sure to approve and authenticate only known users, while also keeping anti-virus software up to date.

Microsoft directed concerned users to this page to obtain more information on remediation. The page, however, includes a notice that reads: “Windows Live Hotmail is currently experiencing login issues. Some customers may receive errors when attempting to login to their Live Hotmail account.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Millenials improve security habits, more interested in cyber careers, still need guidance

Millenials improve security habits, more interested in cyber ...

Raytheon's second annual survey on the online and security behavior of Millennials shows improvement but still a long way to go.

Pakistani man indicted over spyware app creation

Hammad Akbar created StealthGenie, which allowed the purchaser to secretly monitor a cell phone's communications.

FDA finalizes guidelines on medical device, patient data security

The recommendations are aimed at providing better protecting patient health and data, as well as hoping device manufacturers take into account cybersecurity risks in the early stages of development.