Hackers in 1999 discovered a flaw that allowed logging into any Hotmail account with the password 'eh.'
In 1999, hackers accessed the system when they discovered that you could log in to any account by using the two letter password "eh." At that time, the incident was called "the most widespread security incident in the history of the Web."
Two years later in 2001, hackers found that if you logged into your own Hotmail account, you could then access any other person's Hotmail account by creating a URL using that second account's username and a message number.
Hundreds of newspapers and websites published just how to do this and millions of Hotmail accounts were compromised from August 7 to August 31, 2001.