Yahoo, Gmail, Hotmail plundered in massive attack

In a phishing scam of gigantic proportions, hackers plundered password information of thousands of email accounts, including those of Gmail, Hotmail, Yahoo, AOL and Earthlink, over the last two days. Most accounts are of users based in Europe.

The security breach, first reported on tech blog Neowin on Monday, forced software behemoth Microsoft to block access to many accounts on Hotmail, its free web-based email service.

Search giant Google confirmed to BBC News that Gmail also was targeted as part of an industry-wide phishing scheme. While stressing that the firm had taken immediate action to safeguard the affected accounts, Google made it clear that the scam was not a breach of Gmail security but rather a scam to get users to give away their personal information to hackers.

Neowin, the blog that revealed information of 10,000 accounts initially, is likely to reveal that more genuine account information is in circulation, and that over 20,000 accounts may have been compromised. It has a new list revealing that accounts for Gmail, Yahoo, Comcast, Earthlink and other third party web-mail services have also been hacked. BBC News said it has seen two lists containing 30,000 names and passwords posted on a website.

“We are aware that some Windows Live Hotmail customers’ credentials were acquired illegally by a phishing scheme and exposed on a website,” Microsoft said, adding that measures were taken to block access to accounts that were exposed.