Web site provided access to millions of Hotmail messages
August 30, 1999
(CNN) -- Millions of free Internet e-mail accounts provided by Microsoft's Hotmail service were susceptible to a major security breach that allowed access Monday to users' accounts.
The breach worked via a simple Web address which prompted for a Hotmail username. Once the username was entered, the Hotmail account came up and the mailbox was available.
The hack opened all accounts tested by CNN Interactive, but e-mail messages couldn't always be opened.
There was no immediate information on how long the breach was active. Shortly after CNN Interactive posted the story, the site was changed to a simple message, "Microsoft rules." Shortly after that, the URL redirected the user to a site for a new Web company.
The breach allowed users to read and forward a member's old messages, read new messages and send e-mail in some cases under the name of the user -- assuming the member's identity.
Hotmail boasts 40 million subscribers.
A morning telephone call made to the public relations firm that handles Microsoft's publicity was referred to Microsoft's main number in Redmond, Washington.
That call was forwarded by an operator to Microsoft's Corporate Security Desk. "You should send that to firstname.lastname@example.org. " said Greg Betcher, at that desk.
Erik Barkel, of Stockholm, Sweden, was listed in the domain name directory Internic as the administrator for the Web site's domain, but a call to his number did not go through.
Federal agency recruits hacker teens
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.