Thousands of Hotmail passwords leaked online
Microsoft is "actively investigating" the possible leak of more than 10,000 account passwords.

The password details of thousands of Hotmail accounts have been leaked online, according to reports.
Technology website Neowin.net said that Windows Live Hotmail was part of a possible phishing hack, and that an anonymous user posted details of the accounts on developer site pastebin.com last Thursday.
Neowin.net said it had seen part of the list posted, and could confirm that the list was genuine and mostly from Europe. The list apparently showed over 10,000 accounts from the letters A to B, but there was a suggestion there could be additional lists.
The report said that accounts only used to access Windows Live Hotmail were affected, including @hotmail.com, @msn.com and @live.com accounts.
"Microsoft has been made aware of the claims that Windows Live IDs and passwords have been made available on the web," Microsoft said in a statement.
It added: "We're actively investigating the situation and will take appropriate steps as rapidly as possible. Microsoft is committed to protecting the privacy of our customers and believe they deserve to have their personal data used only in ways they have agreed to, and in ways that provide value of them."
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
-
M&S suspends online sales as 'cyber incident' continues
News Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
By Ross Kelly
-
Manners cost nothing, unless you’re using ChatGPT
Opinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
By Ross Kelly
-
I love magic links – why aren’t more services using them?
Opinion Using magic links instead of passwords is safe and easy but they’re still infuriatingly underused by businesses
By Solomon Klappholz
-
Password management startup Passbolt secures $8 million to shake up credential security
News Password management startup Passbolt has secured $8 million in funding as part of a Series A investment round.
By Ross Kelly
-
LastPass breach comes back to haunt users as hackers steal $12 million in cryptocurrency
News The hackers behind the LastPass breach are on a rampage two years after their initial attack
By Solomon Klappholz
-
GitHub launches passkeys beta for passwordless authentication
News Users can now opt-in to using passkeys, replacing their password and 2FA method
By Daniel Todd
-
Microsoft SQL password-guessing attacks rising as hackers pivot from OneNote vectors
News Database admins are advised to enforce better controls as attacks ending in ransomware are being observed
By Rory Bathgate
-
No, Microsoft SharePoint isn’t cracking users’ passwords
News The discovery sparked concerns over potentially invasive antivirus scanning practices by Microsoft
By Ross Kelly
-
Microsoft Authenticator mandates number matching to counter MFA fatigue attacks
News The added layer of complexity aims to keep social engineering at bay
By Connor Jones
-
As Google launches passwordless authentication for all, what are the business benefits of passkeys?
News Google follows Apple in its latest shift to passwordless authentication, but what are the benefits?
By Ross Kelly