Earlier this month, Microsoft"s online store in India was the subject of a cyber attack. The hacker group EvilShadow was responsible for the attack which not only defaced the web site with the image above but also exposed the site"s database, showing passwords of the site"s users as well as other personal information.
The day after the attack, Microsoft sent out an email to all of the web site"s users, claiming that no financial information, such as payment or credit card info, was exposed as part of the attack. Now it seems that has changed. According to the Digital Information web site (via The Verge), Microsoft India sent out another email to the web site"s customers, saying:
Further detailed investigation and review of data provided by the website operator revealed that financial information may have been exposed for some Microsoft Store India customers.
The email strongly suggests that Microsoft India store users monitor their credit card activity as well as contact their credit card provider to alert them to any possible unauthorized purchases.
This is obviously a big black eye on Microsoft as well as Quasar Media, the third party advertising and marketing company which Microsoft hired to run the Microsoft India online store.