Microsoft has temporarily removed the password reset option on the Skype page until it issues a fix on the matter. Furthermore, the company has confirmed for The Verge that it’s looking into the problem right now.
“We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority,” Microsoft said.
As it was reported earlier, Russian hackers have found a way to break into any Skype account using only the original email address provided at registration.
TNW reports that Microsoft has already been informed of the glitch and, although the security hole was discovered nearly two months ago, they’re still working on a fix.
Basically, hackers only need the username and the email address of the Skype account in order to reset the password and get access to the targeted account. It all comes down to a total of five different steps which are (fortunately) unavailable for the time being.
There’s no way to protect yourself from this kind of attacks, but you could try changing your email address, just to make sure hackers don’t find it. Skype is working on the problem, so an official statement should be released soon.