Microsoft Official Advice RE: Hotmail passwords leaked

[ZeroHour]

We have been contacted by Microsoft regarding the hotmail passwords list and they have asked us to post the following info to you in case its needed by anyone who has been hacked etc and as a general fyi.

We are aware that some Windows Live Hotmail customers’ credentials were acquired illegally by a phishing scheme and exposed on a website. Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation. As part of that investigation, we determined that this is not a breach of any Microsoft servers. Subsequently we are taking measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts.

If users believe their information was documented on the illegal list, users should fill out the following form to reclaim access to their account. Phishing is an industry-wide problem and Microsoft is committed to helping consumers have a safe, secure and positive online experience. General information on what to do if you believe you have been victimized via a phishing scam is available on this page at our support community.

Additional Points
Phishing is an industry-wide problem and Microsoft is committed to helping consumers have a safe, secure and positive online experience. Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software.

Microsoft recommends customers use the following protective security measures:

• Renew their passwords for Windows Live IDs every 90 days
• For administrators, make sure you approve and authenticate only users that you know and can verify credentials
• As phishing sites can also pose additional threats, install and keep anti-virus software up to date

I am glad to see Microsoft trying to get the information out there for people not in the know (like a lot of *staff*) so feel free to pass it on to your staff.
You could even mention that MS do free av now at http://www.microsoft.com/security_essentials/ (no MS did not ask me to put this in before asking) and its getting good writeups as far as I have seen and anything is better then AVG free

[leco]

I know that a few members of staff have hotmail accounts - I'll make sure this is circulated in school. Thanks.

[EduTech]

I have used Security Essentials on a few machines and it is very good, i dont think it is slow at all.. the initial scan of my computer took around 25 minutes (and i have rather alot of data) i did something the other day for someone cant remember what it was, but i went on the website and it downloaded something in temp files and it flagged it up straight away and removed it

I had a member of staff come in the other day with no anti virus on there machine, installed MS Security Essentials and it got rid of all the viruses and malware and now the laptop works fine

So it has a big thumbs up from me!

James.