Microsoft's India store hacked, usernames & passwords stolen

New Delhi, February 13: Hackers, allegedly belonging to a Chinese group called Evil Shadow Team, struck at www.microsoftstore.co.in on Sunday night, stealing login ids and passwords of people who had used the website for shopping Microsoftproducts.

While it is troublesome that hackers were able to breach security at a website owned by one of the biggest IT companies in the world, it is more alarming that user details - login ids and passwords - were reportedly stored in plain text file, without any encryption.

Following the hack, the members of Evil Shadow Team, posted a message on the Microsoft website saying "unsafe system will be baptized". The story was first reported by www.wpsauce.com.

Later, the website seemed to have been taken offline by Microsoft. We advise the users at Microsoft India Store to change the password as soon the website comes online. Also, if they have used the same password or login id on any other web service, they should change it immediately.

Last year, hacker groups like Lulzsec had carried out several-profile high profile break-ins, putting focus on the security measures companies put in place. Sony allegedly suffered several security breaches and hackers stole user ids and passwords of customers from its network.

In a message posted on a website called Pastebin, Lulzsec claimed the group was bringing attention to the web security. "Do you think every hacker announces everything they've hacked? We certainly haven't, and we're damn sure others are playing the silent game. Do you feel safe with your Facebook accounts, your Google Mail accounts, your Skype accounts? What makes you think a hacker isn't silently sitting inside all of these right now," the group wrote.

But the incident at Microsoft Store on Sunday hints that lessons have not been learnt. Just like Sony, which later revealed that user ids and passwords were not encrypted at the time of security breach, Microsoft too seemed to have been casual about handling the user details by storing them in a plain text file. We have contacted Microsoft but company has so far not acknowledged or commented on the security breach.

Comments

Add new comment

Coastaldigest.com reserves the right to delete or block any comments.
Coastaldigset.com is not responsible for its readers’ comments.
Comments that are abusive, incendiary or irrelevant are strictly prohibited.
Please use a genuine email ID and provide your name to avoid reject.

Kodagu: Jilted groom kills 15-yr-old girl hours after she passes SSLC; Officials had thwarted her wedding

News Network

May 10,2024

Madikeri: A 15-year-old was bludgeoned to death and the accused fled with her severed head at Mutlu village in Somwarpet of Kodagu district on Thursday late night, hours after her SSLC examination result was declared.

The victim has been identified as US Meena, a 10th grade student of Surlabbi High School. She had passed the SSLC examination and her school attained 100% results.

However, she was brutally murdered by accused Prakash (32), a resident of the village. The police have launched a search operation to find the suspect, said Kodagu SP K Ramarajan

It is said that the minor girl's engagement with the suspect was thwarted by officials from Women and Child Development department on May 9, and later officials had even convinced her parents of not to marry the minor girl.

However, the suspect barged into her house in the night and allegedly kidnapped her. Later, he took her to an area near the periphery of the forest and murdered her after which he fled with her severed head.

Victim's mother too has suffered injuries and is admitted to a hospital for treatment. The reason for the murder will be known after the probing officials have inquired the victim's mother, said the SP.

Comments