After visiting a cybercafe, a Hotmail user returned to find the Web mail account empty except for a note demanding payment for the return of the messages and address book, a security firm said Monday.
The affected person had accessed the Hotmail e-mail account from an unspecified Internet cafe in Mexico, said Dan Hubbard, senior director of Websense Security Labs in San Diego.
"When the user came back and logged into Hotmail, all 'sent' and 'received' e-mails were deleted, along with all the online contacts," Hubbard said. The only message that remained was one from the attacker, requesting payment in order to get the data back, he said.
The ransom note was written poorly in Spanish, but translated into English, it stated: "If you want to know where your contacts and your e-mails are then pay us or if you prefer to lose everything then don't write soon!" according to a Websense alert.
Such hostage taking is a new form of cyberextortion. Previous attacks have used malicious software known as ransomware that encrypts certain files on victims' computers and then demands payment for decryption. The blackmailer threatens to delete the files if no payment is received.
"We have only had one report. This very first one that we have found out about," Hubbard said.
The Hotmail user's credentials could also have been compromised through a phishing scam. However, Hubbard said that the unidentified victim believes that's not what happened.
Microsoft did not immediately respond to requests seeking comment.
Lesson for the wise: be cautious when traveling and using cybercafes. They appear to be targeted more and more, Websense said. Also, change your password frequently.