Hotmail phishing attack - official statement from Microsoft
Yesterday we told you about security issues with Hotmail, after 10,000 account names and passwords appeared in a developer forum. At the time it was unclear how the information had been acquired, but Microsoft has now confirmed it was through a phishing scam. The big dogs have been in touch with Bitterwallet to provide a full statement on the matter:
We are aware that some Windows Live Hotmail customers’ credentials were acquired illegally by a phishing scheme and exposed on a website. Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation.
As part of that investigation, we determined that this is not a breach of any Microsoft servers. Subsequently we are taking measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts.
If users believe their information was documented on the illegal list, users should fill out this form to reclaim access to their account. Phishing is an industry-wide problem and Microsoft is committed to helping consumers have a safe, secure and positive online experience.