Gmail, Yahoo, AOL also hit by e-mail phishing scheme
Google's Gmail and Yahoo's Mail were also targeted by a large-scale phishing attack, probably the same one that attacked at least 10,000 passwords from Microsoft's Windows Live Hotmail, according to a report by the BBC.
Google described the issue as an industrywide phishing scheme. BBC News said it has seen two lists posted online with more than 30,000 names and passwords from Gmail, Yahoo, AOL, Microsoft's Windows Live Hotmail, and other service providers.
We recently became aware of an industrywide phishing scheme through which hackers gained user credentials for Web-based mail accounts including Gmail accounts, a Google spokesperson said.
The search engine giant said their servers were not responsible for the security breach and that individuals had been conned into handing over their details. But it has been reported that more lists have also been circulated with genuine account information relating to email on Google, Yahoo, Comcast and Earthlink, as well as other third-party web mail services.
Neil O'Neil, an ethical hacker and digital forensics investigator at secure payments specialist The Logic Group, told Sky News that up to a million passwords could have been accessed.
Making the breach public so soon after the attack occurred has allowed unethical hackers to access the passwords very easily, even though they were deleted a couple of days ago at the request of Microsoft, he explained.
People tend to have the same password across many accounts — so there is a good chance that individuals have also compromised the integrity of their eBay or PayPal accounts too.
The list went through A and B, so you would think whoever released these has more. And if you do the maths, they could have more than a million passwords.
Neowin.net, the site that first reported the Hotmail account hijacking early Monday, added today that it had seen the same list of compromised accounts as the BBC.
Neowin can today reveal that more lists are circulating with genuine account information and that over 20,000 accounts have now been compromised, according to the report on its site.
[The] new list contains e-mail accounts for Gmail, Yahoo, Comcast, EarthLink and other third-party popular Web mail services.
The passwords apparently first hit the Internet on October 1.
© Copyright IBTimes 2024. All rights reserved.
-
Mass Cancellations Loom Despite French Air Union Cancelling Strike
-
Recycled 'Zombie' Misinformation Targets US Voters
-
Hackers Leak Part Of Source Code Of El Salvador's Bitcoin Wallet
-
Azerbaijan Says 'Closer Than Ever' To Armenia Peace Deal Amid Border Talks
-
How UK's Biggest Water Supplier Sank Into Crisis
-
Taiwan Hit By Dozens Of Strong Aftershocks From Deadly Quake
-
Gaza Health System 'Completely Obliterated': UN Expert
-
In Ecuadoran Amazon, Butterflies Provide A Gauge Of Climate Change
-
'Thank You, America:' Zelensky And Netanyahu Applaud House Passage Of Foreign Aid Package
-
Women Journalists Bear The Brunt Of Cyberbullying
