Skype has sent out an email titled âUnauthorized activity on your Skype accountâ to all those accounts that were hijacked by a recently discovered security hole that was patched earlier today. Since I let one of my colleagues hijack my account as a way to test the legitimacy of the issue, I was one of the recipients of such an email.
TNW staff that had their Skype accounts voluntarily hijacked as part of my testing also received emails. If I try to log into Skype, here is the message I receive:
I clicked on the âcan confirm your identity and release your accountâ link in the email to start the process. I was asked for my Skype Name, email address, the year I created my Skype account (I had no idea, but was told it wasnât critical), and the country I was in when I did so. I was also asked what payment methods I used to pay for Skype, if at all, and finally to give details on three of my Skype contacts.
After that Skype thanked me and spit out this automated message:
Looks like weâve got everything we need
Weâve received your support request and will aim to get back to you as soon as we can. Learn more about getting support for Skype.
Mere minutes later (or about as long as it takes to write this article, I received an email telling me that all is well:
The short wait time makes sense, given that Skype says only a âsmall numberâ of users had their accounts hijacked in this way. I clicked on the link, and received yet another email.
Inside was a password token and a link. I followed the steps to reset my password and was quickly told âYour password has been changed. You can sign in to Skype with your new password.â
Finally, the fourth and last email arrived titled âPassword successfully changed.â If you had your account hijacked, whether you knew it or not, youâll have to go through these steps too.
We have contacted Skype for more information. We will update this article if and when we hear back.
Previous coverage â Security hole allows anyone to hijack your Skype account using only your email address and Skype plugs security hole letting anyone hijack accounts, says âsmall numberâ of users affected
Image credit: Neil Gould