Microsoft's India store hacked, usernames & passwords stolen

I

iS THAT ME

Member
Joined
12 Jan 2012
Messages
1,784
Reaction score
247
Microsoft's India store hacked, usernames & passwords stolen

AyHS2.png


NEW DELHI: Hackers, allegedly belonging to a Chinese group called Evil Shadow Team, struck at www.microsoftstore.co.in on Sunday night, stealing login ids and passwords of people who had used the website for shopping Microsoft products.

While it is troublesome that hackers were able to breach security at a website owned by one of the biggest IT companies in the world, it is more alarming that user details - login ids and passwords - were reportedly stored in plain text file, without any encryption.

Following the hack, the members of Evil Shadow Team, posted a message on the Microsoft website saying "unsafe system will be baptized". The story was first reported by www.wpsauce.com.

Later, the website seemed to have been taken offline by Microsoft. We advise the users at Microsoft India Store to change the password as soon the website comes online. Also, if they have used the same password or login id on any other web service, they should change it immediately.

Last year, hacker groups like Lulzsec had carried out several-profile high profile break-ins, putting focus on the security measures companies put in place. Sony allegedly suffered several security breaches and hackers stole user ids and passwords of customers from its network.

In a message posted on a website called Pastebin, Lulzsec claimed the group was bringing attention to the web security. "Do you think every hacker announces everything they've hacked? We certainly haven't, and we're damn sure others are playing the silent game. Do you feel safe with your Facebook accounts, your Google Mail accounts, your Skype accounts? What makes you think a hacker isn't silently sitting inside all of these right now," the group wrote.

But the incident at Microsoft Store on Sunday hints that lessons have not been learnt. Just like Sony, which later revealed that user ids and passwords were not encrypted at the time of security breach, Microsoft too seemed to have been casual about handling the user details by storing them in a plain text file. We have contacted Microsoft but company has so far not acknowledged or commented on the security breach.
Click to expand...



Source
 

Similar threads

mmadhankumar
    • Wow
    • Sad
700m LinkedIn users data listed online for sale
Replies
0
Views
1,137
mmadhankumar
mmadhankumar
Bapun
    • Sad
    • Wow
Unacademy hacked, details of 2 crore users' put up for sale
Replies
1
Views
858
Neel
Neel
Bapun
    • Like
    • Sad
BigBasket Data Breach
Replies
1
Views
2,645
Bapun
Bapun
Bapun
    • Wow
    • Sad
A hacker group is selling more than 73 million user records on the dark web
Replies
0
Views
748
Bapun
Bapun
Bapun
    • Like
GoDaddy hosting security breach (hacked)
Replies
1
Views
974
Bapun
Bapun
Back
Top Bottom
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features of our website. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock