NEW DELHI (Reuters) - Microsoft India’s retail website was down on Monday after being hacked, with a purportedly Chinese group called Evil Shadow Team posting screenshots the hackers said were customers’ obscured usernames and passwords found unencrypted on the site.
“Microsoft is investigating a limited compromise of the company’s online store in India,” a Microsoft spokeswoman said in an emailed statement.
“The store customers have already been sent guidance on the issue and suggested immediate actions. We are diligently working to remedy the issue and keep our customers protected,” she said.
The Microsoft Store India (www.microsoftstore.co.in) website showed an error message promising to restore access as quickly as possible.
The hackers obscured the full usernames and passwords in the screen shots posted on a blog run by Evil Shadow Team member 7z1 (ps.s.blog.163.com). Writing in Mandarin, 7z1 describes himself as a “patriotic hacker”.
The hacker, 7z1, told Reuters the data had been found unencrypted on the website.
The Indian edition of Microsoft Store is operated by Indian company Quasar Media. A spokesman said the company was investigating.
“I am not sure when the site will be up again or what happened,” spokesman Rahul Roy said.
Reporting by Frank Jack Daniel; Additional reporting by Melanie Lee in SHANGHAI; Editing by John Chalmers and Robert Birsel