Skype has plugged a hole in its password recovery process that allowed outsiders to gain control of a Skype user’s account.
The flaw was first discovered by a group of Russian hackers about two months ago, according to The Next Web. All hackers need to break into your account is your Skype user name and corresponding email address.
The Microsoft-owned VoIP service said it’s aware of the flaw and temporarily turned off the email password recovery process this morning. The flaw, Skype said, only affected a small number of its users who had multiple Skype accounts registered to a single email address.
“We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly,” Skype told TNW. “We are reaching out to a small number of users who may have been impacted to assist as necessary.”
We’ve asked the company for more information and will updated this post with anything new.
VB’s research team is studying mobile user acquisition: Chime in here, and we’ll share the results.