The folks over at Microsoft (who now owns Skype) fixed a bug earlier today that potentially would have allowed anyone to hijack a Skype account simply by knowing the e-mail address the account was associated with. Apparently the vulnerability was found at least 3 months ago by a Russian researcher who claims that many users were affected. Im not aware of any procedures in place to reclaim a Skype ID that was hijacked, but if anyone knows of one please let us know either by leaving a comment or contacting us via the contact page. Trend Micro[1] has a pretty good writeup, so I wont rehash the whole thing here and Microsoft has responded[2].
References:
[1] http://countermeasures.trendmicro.eu/skype-vulnerability/
[2] http://heartbeat.skype.com/2012/11/security_issue.html
---------------
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: http://isc.sans.edu/diary.html?storyid=14512&rss