Flaw might have enabled some users to see into other users' accounts, Microsoft says

Dark Reading Staff, Dark Reading

February 18, 2010

1 Min Read

Microsoft is looking into some reported problems with its Windows Live ID service, which supposedly showed some users the wrong accounts when they tried to access Hotmail and other services.

According to news reports, Microsoft is saying that a "limited number" of customers were able to gain access to other users' accounts via Windows Live ID.

The breach occurred when users were trying to get into their own accounts using a mobile-phone Web browser, the company said in a statement.

"Microsoft takes customers' privacy seriously, and immediately upon learning of these reports, we started an investigation," the statement says. "We will take appropriate action once we have completed the investigation."

According to the reports, the Windows Live ID service experienced a short outage around the same time users reported seeing other users' accounts. Microsoft's statement says the company has not determined whether the outage and the user reports are related.

More than 460 million users have online IDs that work with the Windows Live ID system, including users of the popular Hotmail service, according to Microsoft's Web site.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights