The security breach Monday of Microsoft’s Hotmail e-mail service was resolved in approximately 10 hours, but opened up the issue of e-mail security throughout the industry.
Some 50 million Hotmail accounts were exposed on Monday by a group of hackers, calling themselves “Hackers Unite,” who set up a Web site that could log in to any Hotmail account without requiring a password. The problem was fixed by Monday evening, Microsoft said, but the experience left some users less than pleased.
In an attempt to appease jolted users, Microsoft (MSFT) posted an explanation letter throughout its site, informing readers that the company is committed to keeping Hotmail secure.
Microsoft spokeswoman Tricia Fahey said the company intends to aggressively prevent further attacks, and that keeping customers out of danger is its highest priority. She also said that Microsoft has not received any customer complaints and that the window of vulnerability was minimal.
That wasn’t enough for some users, including Kara Grehan, a Hotmail user since March.
“I don’t feel comfortable using Hotmail anymore,” Grehan said. “I didn’t like the thought of people being able to read my e-mail or being able to send or forward e-mails using my name. Because of this experience, I’m actively searching for another e-mail provider.”
Charles Rutstein, analyst at Forrester Research, said that while the problem woke people up to security concerns, it will likely just cause a brief ripple in the industry.
“I think it’s yet another battle in an ongoing war,” he said, referring to the security breach. “It’s not the first time it’s happened, and won’t be the last.”
He said that users of the free program “got what they paid for,” and said security breaches are becoming a fact of life for Web-based providers.
In terms of the future, Rutstein said that the Hotmail problem won’t lead to any mass exodus from free e-mail providers.
“There are high-switching costs associated with changing providers,” he said. “If a lot of people have my Hotmail address, it’s not worth it to change.”
He also added that when security problems arise, they get a lot of press for a few days, but “then everyone goes back to what they were doing.”
That’s not the sentiment shared by Grehan.
“Microsoft is a company that is consistently prone to attacks by hackers,” she said, adding that switching to another provider might ease at least some of her security concerns. She admitted security is a problem on any Web-based e-mail system, however, and said from now on if she has information she wants to keep private, she won’t use e-mail.
