Security Experts:

Microsoft Confirms Breach at its Online Store in India

Late Sunday reports emerged that Microsoft’s online store in India had been hacked, defaced and user information exposed including unencrypted passwords. It turns out these claims are true and while Microsoft isn’t saying much on the subject, they did comment on the issue.

“Microsoft is investigating the limited compromise of the company’s online store in India,” a Microsoft spokesperson told SecurityWeek. “Customers have been notified and provided with guidance to reset their passwords. We are diligently working to remedy the incident and keep our customers protected.”

Taking credit for the hack is “7z1&Ancker,” claiming to be part of “EvilShadow Team”. After the site was defaced with several images and pages showing that were created by the attacker, Microsoft quickly took the site offline and it currently remains unavailable. At the time of publishing the site displays the following error message: “The Microsoft Store India is currently unavailable. Microsoft is
working to restore access as quickly as possible. We apologize for any inconvenience this may have caused.”

The hacker also posted several images, some of which are included below.

SecurityWeek will follow-up if additional details emerge.

Microsoft Online Store India Passwords Exposed

Microsoftstore.Co.in Hacked

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.