forwardone
10-06-09, 09:44 AM
Thousands of passwords from the world’s most popular e-mail service have been stolen and posted online.
Hotmail’s owner, Microsoft, said that it was investigating how a hacker apparently accessed more than 10,000 accounts with addresses ending hotmail.com, msn.com and live.com. The details were posted on a site used by technology experts last week but have since been removed.
A Microsoft spokesman confirmed that the details were obtained as a result of a phishing scam. “We are working diligently to help customers regain control of their accounts,” he said.
Phishing is a process where members of the public are duped into handing over their personal details, such as user names, passwords and credit card details. Victims send the information by e-mail to people posing as banks or online stores.
Data can also be stolen by infecting a person’s personal computer with viruses and then raiding it for information.
Tom Warren, a writer on Neowin.net, the technology blog that first revealed the breach, said that most of the compromised Hotmail passwords were from Europe, suggesting that many British addresses could have been among those compromised.
Hotmail has more than 14 million users in Britain - around 5 million more than its closest rival, Yahoo! Mail - and about 28 per cent of the total users of webmail services, according to Nielsen figures.
Social networking sites such as Twitter were abuzz with the reports, with users advising each other to change their e-mail passwords immediately.
Microsoft is the latest in a long line of big organisations, from the UK Government to major banks, who have been faced with internet security breaches recently.
Earlier this year The Times revealed that around 4million British identities had been stolen and made available on the web. Lucid Intelligence, a British company, had intercepted highly sensitive financial information, including credit card details, bank account numbers, telephone numbers and even PINs, all of which had been made available to the highest bidder.
In 2007 the personal and bank details of 25million people — almost every child in the country, as well as their parents and carers — were lost by HM Revenue & Customs. The information went missing when two CDs containing the details were mislaid.
Last year a series of freedom of information requests revealed that the NHS had lost the confidential medical records and personal details of thousands of patients in a “catalogue of errors”.
Earlier this year HSBC, Europe’s biggest bank, was fined more than £3million by the Financial Services Authority for the “careless” handling of confidential details of tens of thousands of its customers.
In a series of security failings the bank sent unencrypted private details via courier to third parties and left information lying on open shelves and in unlocked cabinets where it could have been lost or stolen, the FSA said.
business.timesonline.co.uk
Hotmail’s owner, Microsoft, said that it was investigating how a hacker apparently accessed more than 10,000 accounts with addresses ending hotmail.com, msn.com and live.com. The details were posted on a site used by technology experts last week but have since been removed.
A Microsoft spokesman confirmed that the details were obtained as a result of a phishing scam. “We are working diligently to help customers regain control of their accounts,” he said.
Phishing is a process where members of the public are duped into handing over their personal details, such as user names, passwords and credit card details. Victims send the information by e-mail to people posing as banks or online stores.
Data can also be stolen by infecting a person’s personal computer with viruses and then raiding it for information.
Tom Warren, a writer on Neowin.net, the technology blog that first revealed the breach, said that most of the compromised Hotmail passwords were from Europe, suggesting that many British addresses could have been among those compromised.
Hotmail has more than 14 million users in Britain - around 5 million more than its closest rival, Yahoo! Mail - and about 28 per cent of the total users of webmail services, according to Nielsen figures.
Social networking sites such as Twitter were abuzz with the reports, with users advising each other to change their e-mail passwords immediately.
Microsoft is the latest in a long line of big organisations, from the UK Government to major banks, who have been faced with internet security breaches recently.
Earlier this year The Times revealed that around 4million British identities had been stolen and made available on the web. Lucid Intelligence, a British company, had intercepted highly sensitive financial information, including credit card details, bank account numbers, telephone numbers and even PINs, all of which had been made available to the highest bidder.
In 2007 the personal and bank details of 25million people — almost every child in the country, as well as their parents and carers — were lost by HM Revenue & Customs. The information went missing when two CDs containing the details were mislaid.
Last year a series of freedom of information requests revealed that the NHS had lost the confidential medical records and personal details of thousands of patients in a “catalogue of errors”.
Earlier this year HSBC, Europe’s biggest bank, was fined more than £3million by the Financial Services Authority for the “careless” handling of confidential details of tens of thousands of its customers.
In a series of security failings the bank sent unencrypted private details via courier to third parties and left information lying on open shelves and in unlocked cabinets where it could have been lost or stolen, the FSA said.
business.timesonline.co.uk