New Delhi: Hackers, supposedly belonging to a Chinese group called Evil Shadow Team, strikes at www.microsoftstore.co.in on Sunday night, larceny login ids and passwords of people who had used the website for shopping Microsoft products.
The hackers disguised the full usernames and passwords in the screen shots posted on a blog run by Evil Shadow Team member 7z1 (ps.s.blog.163.com). Writing in Mandarin, 7z1 depicts himself as a ‘patriotic hacker’.
While it is worrying that hackers were able to breach security at a website owned by one of the biggest IT companies in the world, it is more alarming that user details, login ids and passwords – were allegedly stored in plain text file, without any encryption.
Following the hack, the members of Evil Shadow Team, posted a message on the Microsoft website saying ‘unsafe system will be baptized’. The story was first reported by www.wpsauce.com. Later on, the website seems to have been taken offline by Microsoft.
Microsoft Store India is operated by local company Quasar Media. A spokesman said that the company was investigating.
A spokesman Rahul Roy said that “I am not sure when the site will be up again or what happened.” A spokesman at Microsoft India said that he was unable to instantly comment.