As you may have heard, about 10,000 Hotmail passwords were leaked online yesterday, and that list only started with the letters A and B. At that rate, over 100,000 users could have been lured into giving their passwords to fake websites. Now the BBC says it's seen a list on the same Website that had more than 20,000 email accounts — this time with addresses from Gmail, Yahoo, Comcast, Earthlink and AOL.
The New York Times says Microsoft, Google and Yahoo have confirmed the addresses are real, and that they're helping affected users recover their accounts.
Even though you generally have to be pretty damn gullible to fall for one of these fake sites (or open strange-looking email attachments), now might be a good time to change your webmail password...something you should be doing every now and then anyway. [BBC via New York Times]