[ISN] 10,000 Hotmail passwords mysteriously leaked to web

From: InfoSec News (alertsinfosecnews.org)
Date: Tue Oct 06 2009 - 03:34:54 CDT


http://www.theregister.co.uk/2009/10/05/hotmail_passwords_leaked/

By Dan Goodin in San Francisco
The Register
5th October 2009

Updated: Login credentials for more than 10,000 Microsoft Live accounts
have been posted to the internet, most likely by miscreants who found
them or harvested them in a phishing attack.

In all, there were 10,028 pairs of user names and passwords posted to
multiple pages of public upload website Pastebin.com, some of which
remained live at time of writing. The stash is likely only a small
sample of a much larger haul, since the alphabetical list begins with
the user name ararat973hoymail.com and concludes with
blando2713hotmail.com.

The discovery coincided with unsubstantiated posts that claimed
passwords for all Windows Live accounts had been leaked. That seemed
highly unlikely. If one assumed there were 5,500 accounts beginning with
each letter of the alphabet - a crude estimate based on the sample -
that would come to just 143,000 compromised accounts total. That's a
tiny fraction of the 450 million or so total Windows Live accounts out
there.

The leak is most likely the result of miscreants who harvested the
passwords using keystroke-logging trojans or phishing scams. A Microsoft
spokeswoman confirmed that the company doesn't store passwords in the
clear and said its security team has been investigating the leak since
this weekend.

[...]
