As it is a common practice among consumers to use the same account details on multiple websites, once one site data is compromised, other accounts are at risk as well.
Microsoft stated that it regularly checks to see if the leaked lists actually match any accounts and passwords in their system.
"You'd be surprised how often the lists - especially the publicly posted ones - are complete garbage with zero matches. But sometimes there are hits - on average, we see successful password matches of around 20% of matching usernames. A recent one only had 4.5% overlap. This is actually exciting because it means that, on average, 80% of our customers are following safe password practices, and this reflects a growing sophistication in our customers," noted Microsoft's Eric Doerr in the blog post.
Company also revealed that it is working to tighten its security and one of such measures is going to be increase in the character limit in passwords to make Brute Force attack more difficult.