You can now add Microsoft to the list of companies that have recently been burned by hackers.
Microsoft’s online store in India was hacked this morning by Chinese hacker group EvilShadow team – 7z1&Ancker, reports WP Sauce. Even worse, it appears that the store’s database of usernames and passwords has been leaked as well, potentially exposing those users’ payment information.
At the time of this post, Microsoft’s India online store is still offline. We’ve dropped a word into Microsoft for more details on the situation.
While we can easily confirm that the site is offline, it’s more difficult to prove if the store’s username database has been hacked. Screenshots potentially showing information from the database have been released by the Chinese site HackTeach, but Microsoft has yet to confirm that the data has been compromised. HackTeach is also reporting that the passwords were unsecured and saved in plain text, which if true, would be a shocking security blunder on Microsoft’s part.
Update: A Microsoft representative has sent along the following comment: “Microsoft is investigating the limited compromise of the company’s online store in India. Microsoft is diligently working to remedy the issue and keep our customers protected.”
VentureBeatVentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more