Feeds

Massive security breach affects Hotmail users

How's this one going to be fixed, long term?

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Updated A catastrophic breach in Hotmail security means that anyone who has one of the freebie mail accounts can have his or her emails read by others. At the same time, the breach means that once people have logged into the system, they can send, receive and delete emails using that account to their heart's content. The breach, just tested by The Register using one of our own writer's Hotmail accounts, and found to work, uses a Web address in which you type a hotmail handle. You then have full access to that Hotmail account, with all rights. When we logged into the server, which was based in Sweden, we were able to send and receive mail from our account. The ISP hosting that site, now appears to have taken the Web interface down. Microsoft brought down Hotmail when it heard about the problem and has apparently said it has fixed the problem. But the fact it existed in the first place must pose serious questions about how safe such freemail accounts are, and whether it is possible for hackers to do the same thing again. End users were still reporting serious problems with Hotmail four hours after we filed our own story, as it attempted to cope with repeated attempts by people to use alternative Web sites that have sprung up across the world. As yet, it is impossible to assess how many end user's Hotmail accounts were hacked into before the problem was addressed.®

Choosing a cloud hosting partner with confidence

More from The Register

next story
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
NSA mass spying reform KILLED by US Senators
Democrats needed just TWO more votes to keep alive bill reining in some surveillance
'Internet Freedom Panel' to keep web overlord ICANN out of Russian hands – new proposal
Come back with our internet! cries Republican drawing up bill
What a Mesa: Apple vows to re-use titsup GT sapphire glass plant
Commits to American manufacturing ... of secret tech
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.