Microsoft’s online Windows Live estate was hit by a major server shutdown for about an hour yesterday, after some users of the service complained that they could see other people’s accounts.
“As some of you may have noticed (we heard from you on Twitter!) we had an issue with the Windows Live ID service between 9 and 10AM PST this morning,” admitted Microsoft’s Arthur De Haan yesterday.
“Due to the failure of one server, Windows Live ID logins were failing for some customers, and this increased the load on our remaining servers. We took the problematic server offline and brought a new server into rotation. We identified the root cause and fixed it in less than an hour, but it took a while to resolve the logjam that had built up in the meantime, and to redistribute the load to normal levels.”
We heard from several users affected by the Windows Live security flaw.
"A friend of mine logged into Hotmail through her phone and opened someone else's Hotmail account. She tried twice more and it happened both times, each time opening yet another person's Hotmail," Reg reader Denise Marshall told us.
"This happened when Hotmail's servers were down earlier today but somehow she was able to get on with her phone... I thought this is something really important people should be aware about, especially with online banking and important personal info online."
It’s not clear at this stage if Microsoft decided to shutter one of its servers while the company’s wonks attempted to fix the problem, or if the system simply died on its arse.
Microsoft's Windows Live ID system went offline at around 12.30pm New York time, according to user reports. It prevented some people from accessing their Hotmail accounts and other Windows Live services. Redmond said it manages around 460 million online IDs worldwide.
We’ve asked Microsoft to tell us more about what went wrong and whether yesterday morning’s three-hour outage of the firm’s newly launched Windows Phone 7 Series website was related to the Windows Live server blunder.
"The 'Service Unavailable' message [shown on the Windows Phone 7 Series site yesterday] is a well known error message for IIS servers that don't have the correct version of .NET installed or for rights permissions. I don't think that error would be created from too much traffic as it is a message from the web server," noted Reg reader Dave Simmons.
The Register will update this story if we hear back from Microsoft. ®