This is huge! Microsoft’s India Store (microsoftstore.co.in) has been hacked by the “Evil Shadow Team” and what’s alarming is it not only managed to deface the site but also managed to get hold of user details including usernames and passwords, which were stored in plain text format without any encryption. Why Microsoft won’t encrypt user data cannot be explained, especially after last year’s Sony’s PlayStation Network incident. If you have ever registered on Microsoft Store, it is time to change your passwords on other sites. The Microsoft Store site is currently down. We have reached out to Microsoft India for a statement and will update this post as soon as we hear from them. [Update: Microsoft's initial response after the break.] In the meanwhile, hit the break to check out a screenshot of the Store’s user database.
“Microsoft is investigating the limited compromise of the company’s online store in India. The store customers have already been sent guidance on the issue and suggested immediate actions. Microsoft is diligently working to remedy the issue and keep our customers protected,” said a Microsoft spokesperson.