More than 10,000 Hotmail passwords have been hacked and posted online, a technology website reported today.
Microsoft, which owns the email service, said it had not yet been able to confirm the report, but it was "actively investigating the situation".
Technology blog neowin.net reported that an anonymous user had posted the details of Windows Live Hotmail accounts on pastebin.com, a site used by developers to share code, on 1 October.
Neowin administrator Tom Warren wrote on the blog: "The details have since been removed but Neowin has seen part of the list posted and can confirm the accounts are genuine and most appear to be based in Europe.
"The list details over 10,000 accounts starting from A through to B, suggesting there could be additional lists.
"Currently it appears only accounts used to access Microsoft's Windows Live Hotmail have been posted, this includes hotmail.com, msn.com and live.com accounts."
The blog suggested the details were obtained through a hack or "phishing" scam, in which fake websites are used to trick people into revealing usernames, passwords and other information.
A Microsoft spokesman said: "Microsoft has been made aware of the claims that Windows Live IDs and passwords have been made available on the web.
"We're actively investigating the situation and will take appropriate steps as rapidly as possible.
"Microsoft is committed to protecting the privacy of our customers and believe they deserve to have their personal data used only in ways they have agreed to, and in ways that provide value to them."
Neowin recommended Windows Live Hotmail users "change your password and security question immediately".