Published: 2009-10-06
Microsoft advised users on Monday to reset their Hotmail passwords if they believed they might have been victims of a phishing campaign that coaxed people into parting with their online credentials.
The warning came after a list of thousands of Windows Live Hotmail usernames and passwords was revealed on an unnamed third-party Web site. Microsoft investigated the collection of credentials and found them to be valid. The company immediately blocked access to all the affected accounts, according to an advisory posted to the Windows Live team blog.
"Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers," Microsoft wrote in its advisory. "As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."
Microsoft's Windows Live services are a popular target for cybercriminals. In the past, data thieves have used cookie-grabbing exploits to gain access to users' accounts and used CAPTCHA-breaking techniques to register large numbers of accounts for spamming campaigns. Xbox Live, the sister service for Microsoft's popular game console, has also had its issues with phishing.
Microsoft provides a link in the advisory to allow users to regain control of their accounts. The company advised users who fell prey to the phishing scheme to change the passwords on all their accounts and check all financial accounts.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos
