Last fortnight’s hacking of Microsoft India’s online store might have compromised more user information than what Microsoft initially admitted. In an email sent out to users and accessed by Medianama, Microsoft admits that credit card information might have been compromised and asked users to keep a close watch on their credit card transactions and also notify their banks about possible fraudulent transactions. Earlier Microsoft had assured users their credit card information was safe. It is not clear whether credit card information was also saved as plain text like username and passwords or whether hackers were able to access another database. Read on for the mail sent by Microsoft.
In a previous email on Feb. 12, 2012, we notified you there may have been unauthorized access to some of your customer account information on the Microsoft Store India site (http://www.microsoftstore.co.in) operated by a third party. We suggested you reset your password, among other security precautions, and to contact us with further questions.
Further detailed investigation and review of data provided by the website operator revealed that financial information may have been exposed for some Microsoft Store India customers. So, as an additional precaution, if you used a credit card on the Microsoft Store India website, we recommend the following actions:
Contact your credit card provider and alert them to potential unauthorized access to your account information.
Closely monitor and review your credit card account for abnormal activity, and if seen, immediately contact your credit card provider.
Microsoft is committed to protecting customer privacy and takes this situation very seriously. We understand that you may have additional questions, so we have set up a team of specialists to address any of your concerns. Please call them between 9 a.m. and 9 p.m. at 1-800-102-1100.
General Manager, Microsoft India