It seems that a list of 10,000 Hotmail usernames and passwords has been posted on pastebin.com in recent days.
Pastebin was created as a tool to aid software development, not to distribute this sort of material.
As a result of the interest this story is generating, pastebin.com is experiencing huge levels of activity – as a result I took it offline to ensure all the offending material has been removed, and have adjusted the abuse filters prevent re-occurence.
Edit: please don’t ask if you name was on the list. I have no way of knowing. Just change your password.
Edit #2: things have calmed down now, and I’ve written a longer post about the incident here.
has this account been posted?
I do not have a copy of the list – suggest you try searching google for your email address and see what comes up.
I suspect you’re getting a lot of traffic your way thanks to this 😐
Anything I can do to ease the load? Happy to provide mirroring of your blog or pastebin, or just host a simple “pastebin is temporarily offline” message, or anything that could be useful.
ITs good to hear that, Its absoluto not fair to get troubles in our website for another person who posted that kind of information.
One question. Why I had to leave my e-mail and the password to post this comment? . . . just joking xD.
It’s so lame that you’re adding an abuse filter for this. It’s not your fault, don’t correct it.
I will replace the filter with one more specifically targeting general lists of email addresses in a few days.
its the oldes tric in the book used at my mum and told her what i did
these day’s they claim to have a bock checker
dont open the link from any1 you recieve it !!!!!!!!
i’ve you did than change your password right away
How do I know if my emailadress was on that list?! Could you post the list, without passwords, or at least the first 4 letters of the adresses to prevent abuse.
@hamids
Just change your hotmail password and you are done! It’s that easy!
Now, When I write my email in a google page, I can see my password associated with my e mail. Of course, I can’t indicate my mail but I would like to see the whole cancelation of passwords in google page.
I don’t want to enter any information about me there are hackers all around me.
Thanks for you action – it has been a good reminder to change my password more often
How do I know if my emailadress was on that list?! Could you post the list, without passwords
If you can enter in your mail now, your account is not in the list. All accounts in the list were bloqued by Microsoft.
Don’t post the liste please !!!!!!!!!!
You can make the following test if you want to know if your account is the list.
1/ Open a google windows
2/ Write your e mail adresse in the google motor search
3/ If you see your account with your password in google motor search, your account has been hacked
Somebody know if we can use our account in the future and how Microsoft can send our new password.
Many thanks and sorry for my english.
Somebody did that to my email once a while back. Why do people do such malicious things?
If you search for your full email address in google within speech marks, and see your email address displayed, then change your password and any other places you use the same password immediately.
Phishing scams have been in existence for a very long time. The very fact that this has made main stream news will be a wake up call to the nation to safeguard their passwords, and the very existence of phishing scams making people think twice about hitting reply to a phishing email.
I don’t think you should block everything… Please tell me we can still post more than just a few sentences. Deleting offending entries is probably the best answer, I’m sure theres legitimate email address lists as well. Anything can be malicious, are we going to block all programming pastes also because of a few malicious ones?? or all english stories because of illegal bestiality text porno pastes ?
The moderator has taken a very responsible action. Thumbs up to you.
I hope Microsfot Ltd. could improve its technology abilities and levels, so that they can block anyone activities on heaking the hotmail, you may imagine more and more people hope to get others password for seeking they eyes and minds. It is so terrifying thing in the world.
Actually, I feel a bit relieved that these data were published online “only”. This might mean, the addresses, telephonenumbers, etc. were not sold to fraudulent companies who would start spam- and telefone-terror on the victims.
As it is, it looks more like a big hoax, which will hopefully teach Hotmail- and MSN-Messenger-Users to not enter their emailaddresses + passwords into any friendfinders. — And specially never ever join Programs, that promise to tell them “Who Blocked You on MSN”!
wow are the man,but i think people like you will make chaos one day,if you play with fire….
I’d just like to access pastebin – I’m locked out with some nonsense message bout being referred from some link…
I will just close my account with hotmail and go somewhere else
Bye bye hotmail, and hello Gmail
me hackearon mi cuenta de hotmail no se vale quiero entrar y no puedo como puedo hacer para recuperar mi cuenta ya tengo años con ella.
Pingback: La lista de contraseñas de correos electrónicos pirateadas crece « Informática
I all along suspected this’d happen. Microsoft and its intention of taking over the entire market forgets simple things like these! Some sould tell Bill Gates that he’s living past his expiry date!
Welcome to GMAIL ladies and gentlemen
YOU SHOULD HAVE, OR AT LEAST NOW, SHOULD, INTIMATE TO EACH AND EVERY OF THOSE HOTMAIL ACCOUNT HOLDERS WHOSE PASSWORDS YOU LEAKED OUT, EXPLANINING HOW VULNERABLE THE HOTMAIL PASSWORDS HAVE BEEN PROVED TO BE, AND THAT IT IS NONE OF YOUR INTENTION TO MISUSE THE PASSWORDS IN ANY WAY, BUT RATHER TO JUST CREATE AN INSTANCE BY WHICH YOUR DEBUGGING SERVICES ARE SHOWN TO BE PROFESSIONALLY AND TECHNICALLY SOPHISTICATED/ SUPERIOR. YOU SHOULD ALSO POINT OUT THAT IT IS NOW THE DISCRETION OF THE HOTMAIL USERS TO CONTINUE TO USE HOTMAIL (OR NOT) AND IN THE MANNER THEY WANT. INDEED IF YOU DO NOT DO THIS, I THINK YOU ARE LIABLE TO BE CALUMNISED AS ONE WHO MISUSED TECHNOLOGY FOR ‘CHEAP’ PUBLICITY YOUR SERVICES.
@Paul Krish: I have not sought any publicity and want nothing to do with this.
It is not clear to me, and it may not, I believe, to be clear to many others, whether your ‘debugging’ technology is capable of exposing only Microsoft hotmail’s vulnerability or it is “more versatile” (say capable of decoding other mail passwords such as Google as well). Should it have such a power and versatility, it would mean that all internet mailing is likely far from perfect in terms of privacy and security.
@Balumethu: my “debugging technology” is just a site where *anyone* can post a fragment of text, in a way that is useful to a programmer.
It has nothing to do with exposing email vulnerabilities.
Also, the list which is going around was generated not by “hacking” Microsoft, but by asking users for their passwords. For example, in a site which promises to tell you who is blocking you if you enter your account details.
I have had nothing to do with this list, apart from deleting it from my website as soon as I was aware it.
Pingback: Arvutikaitse » Blog Archive » Hotmaili, Gmaili varastatud paroolidest
Hi, lordelph, at what date you first found email-lists were posted up at pastebin? Did you delete the list immediately when you awared it? So, how long did these list be seen at pastebin then?
was this email address posted
DELETED@hotmail.com@Byron: I have no way of knowing. I don’t have the list.
@Grace: sometime between 1st and 5th Oct – I delete flagged abusive posts daily, and I certainly deleted at least one password list before the story become “news”. List was probably available for a few days.
It was the right thing to do to take the list down. Maybe people should change their passwords more often now
I am moving to gmail now 🙂
Phishing always struck me as being for odd people !
all emails including .com should change their passwords, .de or .it or others are safe as i know
For all the people who are migrating to Gmail…There was also a list with Gmail, Yahoo and other accounts posted on the internet (I even thought/heard this website?), so that won’t really help.
What a great discovery this site is as an aspiring programmer! yes ppl, change your passwords. Thanks for a great site Lordelph I look forward to using it =)
I can sign in to my mail inbox but I can’t get into WLM with annoying message that my contact list is not avialable plz try again l8r. any ideas?
@Byron, you are not in the list 😉
How should I know whether my hotmail was hacked?
You just have write your email adress in a google page, if your mail appears with your password in a link with the word “pastebin.com” your hotmail was hacked
Yikes – this is worrying
Omfg – couldn’t u just leave the user list alone so we could check if our account is in danger? I’m not going to change my password at my 20 gmail accounts just because the password to it can be somewhere on the Internet. I’m phishing-proof so probably my accounts r safe but I won’t change my passwords AGAIN in one week ffs.
Lordelph, are you a hacker who hacked hotmail, gmail and yahoo? ha?
me gustaria saber si me ha pasado lo ismo or q el domingo se me ffue oniendo de que me habia iniciado desd e otra ubicacion donde lo puedo saber?
donde se cambia la contraseña me lo podeeis decir ppor favorrrrrrrrrrrrr
gracias adiosssss
contestarme.
I took the advice and googled my email it appears on pastebin.ca so whilst.