Microsoft has online stores for each localized region and the store in India has been compromised. As of 12:30 PM EST https://www.microsoftstore.co.in/ was still offline. WPsauce.com was able to grab a couple screenshots before the site went down that revealed that EvilShadow team was responsible for the breach, although the hackers are not design experts as blue text on black backgrounds makes getting your message across a bit harder on the eyes.
Image Credit: Hackteach
The real damage from this breach of security is that the database of the site has been compromised and to make things even worse, the passwords were saved as plain text. If you have ever created an account on Microsoft's store for India, it is imperative that you change your password immediately on all other websites that use similar phrases or logins.
A breach of security such as this is bad enough publicity for Microsoft but the fact that they did not adhere to industry best practices for securing sensitive data is rather alarming considering how often consumers use the same or similar passwords on multiple websites.
If/When Microsoft offers an update to the situation we will update this post.
Update: As noted below, this website is run by Quasar Media and not Microsoft.
34 Comments - Add comment