We are aware that some Windows Live Hotmail customers’ credentials were acquired illegally by a phishing scheme and exposed on a website. Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation. As part of that investigation, we determined that this is not a breach of any Microsoft servers. Subsequently we are taking measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts.
If users believe their information was documented on the illegal list, users should fill out the following form
to reclaim access to their account. Phishing is an industry-wide problem and Microsoft is committed to helping consumers have a safe, secure and positive online experience. General information on what to do if you believe you have been victimized via a phishing scam is available on this page
at our support community. Additional Points
Phishing is an industry-wide problem and Microsoft is committed to helping consumers have a safe, secure and positive online experience. Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software. Microsoft recommends customers use the following protective security measures:
- Renew their passwords for Windows Live IDs every 90 days
- For administrators, make sure you approve and authenticate only users that you know and can verify credentials
- As phishing sites can also pose additional threats, install and keep anti-virus software up to date