某国外网站一篇名为“Thousands of Hotmail passwords leaked online”标题的文章吸引了众多目光,短短几小时,点击率已经达10几万,翻译成中文便为“成千上万的Hotmail密码泄漏”。
  内容提到“微软Live Hotmail服务可能被黑客攻破,因为有匿名人士在pastebin.com网站上公布了1万多个Live Hotmail电子邮件帐户名和密码,且全部为真实信息。”这些帐户大部分来自欧洲,全部以A和B开头,受影响的帐户包括@hotmail.com、@msn.com和@live.com。
  今天微软承认,确实有数千个帐户信息被公之于众,但Live Hotmail服务并未被攻陷。被公布的帐户信息可能是通过“钓鱼”攻击而获得。  该发言人还称,微软已启动相应程序,确保用户重新控制自己的帐户。
  反钓鱼工作组(APWG)主席戴夫·埃文斯(Dave Jevans)称:“这的确是一起大规模钓鱼攻击,但规模也在合理范围之内。我们曾遇过针对ISP的钓鱼攻击,有5万至7.5万个帐户被骗。” 

国内网站报道:
  新浪科技讯 北京时间10月6日上午消息,据国外媒体报道,微软今天表示,Hotmail电子邮件服务部分用户密码被泄露到一个网站,但该网站已经被关闭。
  微软没有披露受到影响的用户数量。据称,逾1万个Hotmail账户密码被泄露。微软发言人表示,“我们已经得知,部分Windows Live Hotmail用户密码被黑客泄露到一个网站上。”
  微软称,该网站已经被关闭,而且删除了用户密码。微软还指出,该公司已经封杀了所有受影响账户,正在帮助用户“收回”自己的账户。
  微软称,这次密码泄露事件并非是由其服务器故障造成的。

IT168
  超过10,000微软Live帐户更新登录凭据已经被张贴到互联网,此次泄密事件已经开始愈演愈烈。
  目前已经有10028个账号密码被张贴到公共网站Pastebin.com的多个页面上,按字母顺序从ararat973@hoymail.com开始,到blando2713@hotmail.com结束。
  微软发言人表示,已经确认这并非微软内部数据破坏和泄漏,目前尚不知道这些神秘的发帖者们还有没有更多的账户信息,但泄露最有可能的原因是恶徒们利用击键记录木马程序或网络钓鱼诈骗得到的账户密码,并出来炫耀。
  黑客们通常用邮件中虚假链接和邀请函来骗取用户邮箱账户和密码,甚至面对不同的国家用户还有多语言支持。

以下为报道原文:
Neowin has received information regarding a possible Windows Live Hotmail "hack" or phishing scheme where password details of thousands of Hotmail accounts have been posted online.

An anonymous user posted details of the accounts on October 1 at pastebin.com, a site commonly used by developers to share code snippets. The details have since been removed but Neowin has seen part of the list posted and can confirm the accounts are genuine and most appear to be based in Europe. The list details over 10,000 accounts starting from A through to B, suggesting there could be additional lists. Currently it appears only accounts used to access Microsoft's Windows Live Hotmail have been posted, this includes @hotmail.com, @msn.com and @live.com accounts.

Neowin has reported this immediately to Microsoft's Security Response Center and to Microsoft's PR teams in the UK and US and we are currently awaiting feedback on the situation. As this is a breaking story please check back frequently as the story will be updated as soon as more information becomes available.

If you are a Windows Live Hotmail user Neowin recommends that you change your password and security question immediately.

Thanks to Chris for the news tip

Update: According to BBC News, Microsoft is currently "investigating the situation and will take appropriate steps as rapidly as possible."

Update 2: Microsoft has now fully confirmed our reports. According to a Microsoft spokesperson "over the weekend Microsoft learned that several thousand Windows Live Hotmail customer's credentials were exposed on a third-party site due to a likely phishing scheme. Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."

感谢您的阅读,本文由 蓝色梦想 版权所有。如若转载,请注明出处:蓝色梦想 - 微软承认Hotmail账户密码泄露 用户达上万