OS/Platform/Application:

Microsoft Windows Live Hotmail

Category: ALERT
Severity: HIGH
Attention: Hotmail users, System Administrators, Desktop Support Personnel.

Summary: Microsoft is reporting that a recent "likely phishing scheme" has resulted in the compromise and publication of several thousand hotmail account credentials (including passwords).  As part of its reaction to this event Microsoft has locked access to those accounts which it believes to have been compromised. 

Recommended Actions: The account locking action may have caused a temporary or permanent lack of access to some users' hotmail accounts.  Users who believe their accounts have been exposed/locked can fill out a form listed on the advisory (link provided below) to regain access to their accounts.

Microsoft recommends that hotmail users changer their passwords at least every 90 days.  Hotmail users are encouraged to change their passwords NOW regardless of the last time they were changed as it is impossible to determine if all exposed accounts have been accounted for.

Readers are encouraged to share this alert with family, friends, and associates.

ITS Actions: N/A

Resources:

Windows Live Hotmail blog entry (provides details of event and remediation procedures):
http://windowslivewire.spaces.live.com/blog/cns!2F7EB29B42641D59!41528.entry?wa=wsignin1.0&sa=363915619