Skype used to be the most secure instant messaging system and I have frequently recommended it on this basis. Microsoft, under Bill Gates, used to be the big company most willing to protect user’s privacy. Skype was recently purchased by Microsoft.
Heise Security then reproduced the events by sending two test HTTPS URLs, one containing login information and one pointing to a private cloud-based file-sharing service. A few hours after their Skype messages, they observed the following in the server log:
22.214.171.124 – - [30/Apr/2013:19:28:32 +0200]
“HEAD /…/login.html?user=tbtest&password=geheim HTTP/1.1″
… In visiting these pages, Microsoft made use of both the login information and the specially created URL for a private cloud-based file-sharing service.