Skip to main content

Microsoft Store India hacked with passwords exposed

Microsoft Store India has come under attack by hackers raiding under the banner of 'Evil Shadow Team', WPSauce has reported. The website was defaced yesterday with the above image replacing access, which was achieved by redirecting visitors to a file the team uploaded -- evil.html. The message is clear from the attack: "Unsafe system will be baptized."

For now the website is offline, presumably while Microsoft investigates what exactly went wrong and suggesting the software giant has regained control.

"The Microsoft Store India is currently unavailable. Microsoft is working to restore access as quickly as possible. We apologise for any inconvenience this may have caused."

Customers of the online store have been strongly urged to change their passwords once the site comes back online as Quasar Media, the online marketing agency that maintains the website, decided it would be a great idea to store user credentials and personal information in plain text - an obvious insecure practice.

While one could argue that it's in the interest of the customers to know that their details are not being stored securely, another could counter with stating that the attack, which has no known motive, was not required. 

Source: WPSauce, Hackteach, thanks for all the tips that were sent in!

Rich Edmonds is a word conjurer at Windows Central, covering everything related to Windows, gaming, and hardware. He's been involved in technology for more than a decade and knows a thing or two about the magic inside a device chassis. You can follow him over on Twitter at @RichEdmonds.

4 Comments
  • Well well, no harm done then? Would be interesting to se what would surface on a Google hack, find out the truth.
  • Oh the conspiracy!! :D
  • I fully support hacking everything that has not been secured even if that means inconvenience for me.
  • Apparently the store is a third party using the MS name... but not for long!