Categories: SecurityWorkspace

Skype Rushes To Fix Password Reset Foul-Up

Microsoft-owned Skype has updated its password reset process after a remarkably simple account hacking technique started attracting attention.

A post on Reddit this week explained how simple the “hack” was. All nefarious types had to do was create a new Skype account and use an email address of a particular target. Once the account was activated, the hacker would just have to ask for a new password to get a reset notification and token sent to their Skype client.

Then they could follow the link to pick the victim’s account and reset the password to whatever they wanted.

Skype response

Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website,” a Skype spokesperson said.

“This issue affected some users where multiple Skype accounts were registered to the same email address. We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly.

“We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologise for the inconvenience.”

Skype did not detail what specific changes had been made to TechWeekEurope.

The company has had to deal with various security issues in recent times. In July, it had to address a flaw that caused some instant messages (IMs) to be sent to random contacts.

How well do you know Internet security? Try our quiz and find out!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 hours ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

3 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

19 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

21 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

22 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

23 hours ago