I love Skype. I use it all the time to talk "face-to-face" with far away family and friends. I'd be willing to say, in part, I depend on the program and service. So it really freaks me out when a service as popular as Skype is so easy to hack.
Fortunately, the flaw has been fixed. But here's the deal. Up until yesterday, in order to hack someone's Skype account, all you needed was their email address and username.
All that was required, according to the post, was knowledge of the e-mail address of the victim. Attackers could then register for a new account using the same address. Once logged in to the new account in the Skype client, attackers activated the password-reset feature and waited for the client to display instructions for resetting the passcode. [Ars Technica]
The post referred to by Ars is from a Russian website you can view in English via Google Translate here.
Here's the takeaway. At SumRando, we talk a lot about keeping your data safe. In fact, that's why we run such a great VPN, because we know what it's like to have information abused. But sometimes — as is the case here — the best personal security can't protect you from an attack. And in that light, we'd like to encourage all our users to be as careful as possible. If your email is compromised, but you have the help of great anti-virus software, careful browsing, and a bullet-proof VPN, it's unlikely anything too terrible is going to happen.