Gmail, Yahoo, Others Also Hit in Hotmail Attack

News
By published

Yesterday all 21 million Hotmail users were encouraged to change their passwords when the login details of 10,000 mostly European users were posted online. Today we learn that Microsoft's Hotmail was not the only email provider targeted in the attack.

The BBC today reports that it has received confirmation from Google that Gmail was also targeted in what the search giant described as an "industry-wide phishing scam."

"We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts," a Google spokesperson told the Beeb. "As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them."

Google went on to say that the scam was not a breach of Gmail security but "a scam to get users to give away their personal information to hackers."

The news comes following a previous report in which the BBC claimed to have seen a list of 20,000 logins and passwords for Hotmail, Yahoo, AOL, Gmail and other accounts. This number has since crept up to 30,000.

I think I speak for everyone when I say, 'Ugh!' There's nothing more annoying than a phishing scam that forces you to change your passwords for everything 'just in case.'

TOPICS

Intel officially cuts Core Ultra 7 200-series desktop CPU prices by up to 25%

Nvidia and MediaTek may unveil jointly developed 'N1' Arm chips for Windows PCs at Computex

Dell lists a hot deal with $400 off this RTX 5080 Alienware gaming PC
See more latest
24 Comments Comment from the forums
  • El_Capitan
    Fool me once, shame on — shame on you. Fool me — you can't get fooled again.
    Reply
  • ssalim
    Luckily I switched to 10minutemail... lol j/k
    Reply
  • hellwig
    I only give my email password out to people who use the Hotmail logo in their emails. I'm pretty sure that makes them official, even though I use Yahoo mail. Hmm.....
    Reply
  • JasonAkkerman
    Never enter your password (or any important information) into a website that you arrived at via a link. Always go to important sites (email, bank, etc) by typing in the address, or a bookmark.

    It's that easy people.
    Reply
  • El_Capitan
    If anyone needs their e-mail password secured, just relay your e-mail, password, and security question and answer to me and I'll do it for free! Plus, I'll need your Social Security number to verify your identity.
    Reply
  • @JasonAkkerman:

    Yeah, it'll be that easy until you get hit by a DNS hijacking attack. There are two kinds of people that get duped by phishing attacks: The arrogant, and the ignorant. Don't be either.
    Reply
  • JasonAkkerman
    kaseykrehbiel@JasonAkkerman:Yeah, it'll be that easy until you get hit by a DNS hijacking attack. There are two kinds of people that get duped by phishing attacks: The arrogant, and the ignorant. Don't be either.
    While you are correct that a DNS hijack could occur, I was simply referring to the context of the article. Regardless of the fact that DNS hijacking is a much less effective way of securing user information than phishing (it's also less prevalent) , but if somehow someone did manage to compromise your system and change your DNS settings you have much larger problems.

    Reply
  • there are some sites that in order to reply to a topic,you need to login in your GMail or facebook account.
    I believe this also could be a serious breach in security,especially since many blogs are not related.
    Makes me not dare to reply on any but a trusted blog; or use a scam/crap/spam email, which they can have the password to,and access to the tens or hundreds of daily spam mails.
    Reply
  • cabose369
    ahahah all you stupid Gmail fan boys who yesterday put "thats why gmail is better", blah, blah, blah... not so smart are you now. Besides... is a phishing scam. If you are stupid enough to put your login info on a phishing site you deserve to lose your data.
    Reply
  • Envinyanta
    I think I speak for everyone when I say, 'Ugh!' There's nothing more annoying than a phishing scam that forces you to change your passwords for everything 'just in case.'

    Just a little over-dramatic? I can think of a LOT more annoying things than my e-mail provider taking an extra step to keep my account secure. (like, oh, having all my personal information stolen, my credit ruined, etc. Not to mention everything else in the world) Given that most businesses require password changes for employees on a regular basis anyway (including all the ones I've worked at for the past 10 years), I'm pleased to see Google taking the extra step 'just in case' to help protect its users. If that's the extent of the inconvenience then we should be grateful.
    Reply
Most Popular
Intel
Intel officially cuts Core Ultra 7 200-series desktop CPU prices by up to 25%
Nvidia
Nvidia and MediaTek may unveil jointly developed 'N1' Arm chips for Windows PCs at Computex
Arctic MX Authenticity Check system
To combat counterfeit thermal paste, Arctic updates scratch-off QR code authentication
Overclocking Arrow Lake
Intel's Core Ultra 7 265K drops to $300 across various retailers
The iStorage diskAshur DT3 encrypted HDD
'World's First' encrypted 26TB hard disk debuts with diskAshur DT3 and DT2 models
Gigabyte RTX 5060/Ti lineup
RTX 5060 launches May 19 on desktops and laptops, priced from $299 and $1,099, respectively
Linux
My week with Linux: I'm dumping Windows for Ubuntu to see how it goes
Gigabyte GA-B75M-D3H
Sandy Bridge-era motherboard gets M.2 SSD boot support 12 years after launch — first new BIOS in a decade for decommissioned motherboard
GTX 1080 Ti
Nvidia to drop CUDA support for Maxwell, Pascal, and Volta GPUs with the next major Toolkit release
Microsoft Surface Pro
Microsoft announces colorful new 12-inch Surface Pro and 13-inch Surface Laptop with Snapdragon X Plus