Thousands of Hotmail passwords leaked online
Microsoft is "actively investigating" the possible leak of more than 10,000 account passwords.

The password details of thousands of Hotmail accounts have been leaked online, according to reports.
Technology website Neowin.net said that Windows Live Hotmail was part of a possible phishing hack, and that an anonymous user posted details of the accounts on developer site pastebin.com last Thursday.
Neowin.net said it had seen part of the list posted, and could confirm that the list was genuine and mostly from Europe. The list apparently showed over 10,000 accounts from the letters A to B, but there was a suggestion there could be additional lists.
The report said that accounts only used to access Windows Live Hotmail were affected, including @hotmail.com, @msn.com and @live.com accounts.
"Microsoft has been made aware of the claims that Windows Live IDs and passwords have been made available on the web," Microsoft said in a statement.
It added: "We're actively investigating the situation and will take appropriate steps as rapidly as possible. Microsoft is committed to protecting the privacy of our customers and believe they deserve to have their personal data used only in ways they have agreed to, and in ways that provide value of them."
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
-
The NCSC wants you to start using password managers and passkeys – here’s how to choose the best options
News New guidance from the NCSC recommends using passkeys and password managers – but how can you choose the best option? ITPro has you covered.
-
I love magic links – why aren’t more services using them?
Opinion Using magic links instead of passwords is safe and easy but they’re still infuriatingly underused by businesses
-
Password management startup Passbolt secures $8 million to shake up credential security
News Password management startup Passbolt has secured $8 million in funding as part of a Series A investment round.
-
LastPass breach comes back to haunt users as hackers steal $12 million in cryptocurrency
News The hackers behind the LastPass breach are on a rampage two years after their initial attack
-
GitHub launches passkeys beta for passwordless authentication
News Users can now opt-in to using passkeys, replacing their password and 2FA method
-
Microsoft SQL password-guessing attacks rising as hackers pivot from OneNote vectors
News Database admins are advised to enforce better controls as attacks ending in ransomware are being observed
-
No, Microsoft SharePoint isn’t cracking users’ passwords
News The discovery sparked concerns over potentially invasive antivirus scanning practices by Microsoft
-
Microsoft Authenticator mandates number matching to counter MFA fatigue attacks
News The added layer of complexity aims to keep social engineering at bay