News

Microsoft's Online India Store Hacked, Personal Info Stolen

Hackers attacked Microsoft's store in India Sunday night, making off with usernames and passwords of customers who have previously placed orders on the site.

The Chinese hacker group, named Evil Shadow Team, infiltrated www.microsoftstore.co.in and stole the user information, which was apparently stored as an unencrypted text file. It then took credit for the attack by posting screenshots and a portion of the stolen usernames and passwords (obscured) on its Web site.

After the breach was discovered, Microsoft took the Web site offline, which is still down as of Monday afternoon.

Commenting on the hack, Microsoft sent the following statement to Reuters: "Microsoft is investigating a limited compromise of the company's online store in India. The store customers have already been sent guidance on the issue and suggested immediate actions. We are diligently working to remedy the issue and keep our customers protected."

Guidance was provided in e-mails to its Microsoft India customers, stating that while the passwords and user names had, in fact, been stolen, the database containing payment information (including credit card numbers and billing addresses) had not been compromised.

The company also said it had reset all user passwords and advised those to change similar information stored on other sites as soon as possible. "If you use the same e-mail and password combination on any other sites, including non-Microsoft websites or services, you should proactively change the password immediately to ensure your personal information is protected."

Microsoft provided no information on when its India-based online store would be back up.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Microsoft Starting To Roll Out New Excel Connected Data Types

    Microsoft on Thursday announced some Excel and Power BI enhancements that add "connected data types" on top of the standard strings and numbers options.

  • Windows 10 Users Getting New Process for Finding Optional Driver Updates

    Accessing Windows 10 drivers classified as "optional updates" will be more of a manual seek-and-install type of experience, starting on Nov. 5, 2020, Microsoft explained in a Wednesday announcement.

  • Microsoft Changes Privacy Platform Name to SmartNoise

    Microsoft Research has changed the name of its "differential privacy" platform from "WhiteNoise" to "SmartNoise," according to a Wednesday announcement.

  • Why Restarting a Failed SCVMM Job Might Be a Bad Idea

    Occasionally, restarting a failed System Center Virtual Machine Manager job can leave your virtualization infrastructure in an unknown state. Here's how to avoid that.

comments powered by Disqus