Sections

Services

Information

UK United Kingdom

Potential Facebook hack: expired emails

Security researchers in the US believe up to a million Facebook accounts may be at risk via expired Hotmail accounts.

Microsoft retires Hotmail accounts after 270 days of inactivity, making the user name available for anyone to register. If an attacker realises the username is available, they can register the account.

If someone has used that Hotmail account as a Facebook login, the attacker only has to submit a “forgotten password” request for the Facebook account to gain access.

During testing, the researchers gained access to 15 Facebook accounts before stopping the experiment, citing “ethical dilemmas” and “potential legal problems”.

Read more at Rutgers University

Join the conversation

Post a Comment sorted by

    There are no comments on this article yet.
    To have your say and join The Conversation please sign in if you have an account already, or sign up.