The Redmond company acknowledged that passwords of 10.000 Hotmail, MSN and Live users leaked into the Internet. Microsoft’s research lead to the result that the account data – mostly of European users – has been gathered by criminals with phishing.

According to the Windows Live Blog, Microsoft has closed down the leaked accounts; also the list with the passwords is no longer available. Affected users should fill out a form to reclaim their account. The company also recommends some security measurements in their Blog entry to avoid successful phishing.

Another recommendation is to change the password in any case – Microsoft advises to change it every three months. How bad passwords look like and how to choose a good one can be read in this recent Blog article.

Update (October 7th): Meanwhile, also hacked Google Mail accounts as well as accounts from Yahoo Mail, AOL and other providers were found on the net. Some of them are old, unused or even fake. This seems to confirm that the account data was gathered with phishing. The number of accounts found on the net raised to more than 30.000.

Dirk Knop
Technical Editor