You may have seen the news that broke this week on a phishing scheme that has allowed scammers to harvest credentials from Hotmail accounts, leaking a list of thousands of log-in details online. Now it seems the scope is more widespread, and is involving users of other web-based mail accounts.

The BBC has reported seeing “a list of more than 20,000 more names and passwords that have been posted online. The list contains e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail…other addresses include Comcast and Earthlink accounts.” Full details are available in the BBC News report.

One of the ultimate worries here: once your e-mail account is compromised, hackers can potentially use it to gain credentials for your other sensitive accounts, by using the ‘forgot your password’ function that sites use to send out lost passwords to their customers.

If you follow our security tips and news here at Lavasoft, you know that, to stay secure, you should update your passwords on a regular basis. But, if you have one of the e-mail accounts mentioned above, it may be an especially good time to change your password. Just make sure you make it a good one! According to reports, an analysis of the leaked results have shown how weak our passwords are; for example, the most commonly used password was found to be “123456”. If that sounds a little too familiar, get some help by reading our password-creating tips in the Lavasoft Security Center.