Microsoft-owned Skype has updated its password reset process after a remarkably simple account hacking technique started attracting attention.
A post on Reddit this week explained how simple the “hack” was. All nefarious types had to do was create a new Skype account and use an email address of a particular target. Once the account was activated, the hacker would just have to ask for a new password to get a reset notification and token sent to their Skype client.
Then they could follow the link to pick the victim’s account and reset the password to whatever they wanted.
“
“This issue affected some users where multiple Skype accounts were registered to the same email address. We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly.
“We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologise for the inconvenience.”
Skype did not detail what specific changes had been made to TechWeekEurope.
The company has had to deal with various security issues in recent times. In July, it had to address a flaw that caused some instant messages (IMs) to be sent to random contacts.
How well do you know Internet security? Try our quiz and find out!
Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…
Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…
SK Hynix says Nvidia chief executive Jensen Huang asked if production of next-gen HBM4 memory…
Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…
Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…
OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…