Microsoft Store India Hacked, Plaintext Passwords Leaked
Microsoft holds its store to Enterprise level security.
India online store of Microsoft was hacked this weekend, and is still down. The Verge:
“Reports are coming in that Microsoft’s online store in India has been hacked. The site is now offline, but Google’s cache shows that the Chinese EvilShadow Team is taking credit for the hack. Worse than the site takedown is that a list of usernames and passwords for accounts have been released — unfortunately, it looks like the site kept its users’ passwords stored in plain text, making it very easy for the hackers to get at the sensitive information.”
The message from the alleged Chinese hackers, who used Anonymous image on the page they added to hacked Microsoft Store India site www.microsoftstore.co.in/Evil.html (real screenshot above):
“Evil Shadow Team..
Unsafe system will be baptized … Blog:Http://Ps.s.Blog.163.com/
E-mail:0x.oday@Gmail.com”
Microsoft appointed independent reseller Quasar Media runs the website. The company is taking the blame.
So Microsoft is incapable to run and maintain its own website in other countries? At least Redmond didn’t make an embarrassing Photoshop this time.