Thousands of Hotmail users' details have been posted online after what Microsoft says is likely to be a phishing attack.
Neowin.net first reported the leak when it found username and password details posted online at pastebin.com, a site where developers share code.
Around 10,000 people were affected, according to Neowin, spanning hotmail.com, msn.com and live.com accounts.
The list, which alphabetically details accounts from A to B, suggests the anonymous party that originally posted it on October 1 could have details for thousands more accounts.
Neowin reported the list's existence to Microsoft's Security Response Centre, which confirmed that the data did not come from an internal breach and the list was most likely proceeds of a phishing scheme.
"Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a likely phishing scheme," Microsoft said in a statement.
"Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."
Hotmail, msn and Live users are advised to change their account passwords as soon as possible.
- NZ HERALD STAFF
Hotmail, msn users hit in 'phishing attack'
AdvertisementAdvertise with NZME.