Technology website Neowin.net said that Windows Live Hotmail was part of a possible phishing hack, and that an anonymous user posted details of the accounts on developer site pastebin.com last Thursday.
Neowin.net said it had seen part of the list posted, and could confirm that the list was genuine and mostly from Europe. The list apparently showed over 10,000 accounts from the letters A to B, but there was a suggestion there could be additional lists.
The report said that accounts only used to access Windows Live Hotmail were affected, including @hotmail.com, @msn.com and @live.com accounts.
"Microsoft has been made aware of the claims that Windows Live IDs and passwords have been made available on the web," Microsoft said in a statement.
It added: "We're actively investigating the situation and will take appropriate steps as rapidly as possible. Microsoft is committed to protecting the privacy of our customers and believe they deserve to have their personal data used only in ways they have agreed to, and in ways that provide value of them."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.