According to several news reports, Hotmail users were hit by phishing attack which resulted in more than 10,000 user accounts and passwords being posted online.
Microsoft naturally launched an investigation to find out just how exactly the user credentials were acquired and afterward exposed on a website.
The list which was posted on pastebin.com by an anonymous user included details of accounts with email addresses ending hotmail.com, live.com and msn.com. Neowin confirmed that the accounts are genuine and most appear to be based in Europe.
Microsoft recommends customers use the following protective security measures:
- Renew their passwords for Windows Live IDs every 90 days
- For administrators, make sure you approve and authenticate only users that you know and can verify credentials
- As phishing sites can also pose additional threats, please install and keep anti-virus software up to date.