also @ TechSpot: California man finds limits of Verizon FiOS unlimited data broadband service: 77TB

Microsoft's Indian online store hacked, passwords and user data exposed

Discussion in 'TechSpot News and Comments' started by Leeky, Feb 13, 2012.

Post New Reply

  1. Leeky TechSpot Moderator Posts: 4,344   +59

    Microsoft’s online retail store for India, operated by Indian company Quasar Media, remains offline today after hackers breached the website's defenses and stole user account information and passwords over the…

    Read the whole story
    Leeky, Feb 13, 2012
    #1

  2. ikesmasher TechSpot Addict Posts: 1,117   +80

    posting that picture is really not necessary, is it?
    ikesmasher, Feb 13, 2012
    #2

  3. Burty117 TechSpot Chancellor Posts: 1,918   +90

    Well it kinda is, all those users should be changing their passwords anyway and the site is currently down.

    All that data was un-encrypted, if Microsoft had been doing its job properly the data wouldn't have ended up on here in the first place.

    All users would have had some kind of email sent to them to warn them, if the user doesn't do anything, more fool them?
    Burty117, Feb 13, 2012
    #3

  4. Guest

    Actually it is, because it shows that microsoft keeps unencrypted user passwords.
    Guest, Feb 13, 2012
    #4

  5. Guest

    Microsoft’s online retail store for India, operated by Indian company Quasar Media ... how is this Microsoft's fault?
    Guest, Feb 13, 2012
    #5

  6. TekGun TechSpot Enthusiast Posts: 135

    The store is not run by Microsoft, the store is owned and operated by a Indian company that sells MS stuff.
    TekGun, Feb 13, 2012
    #6
     

  7. ikesmasher TechSpot Addict Posts: 1,117   +80

    i mean, it just seems wierd that they would actually post the passwords without covering them, as many of those people might use that password for other services, too.
    ikesmasher, Feb 13, 2012
    #7

  8. Leeky TechSpot Moderator Posts: 4,344   +59

    I considered it safe given that the full email addresses and usernames were not disclosed. As they stand, the passwords are worthless without the other credentials required to log into various services online. The information released in that article image is actually less information than would normally be released by Anonymous when they upload data to Pastebin, for example.

    Also, it is important that people are aware that it was an Indian company Quasar Media that owned and operated the site, not Microsoft themselves. I can't imagine Microsoft being aware of unencrypted customer information prior to this incident, and I very much doubt they'd have allowed it to continue had they found out.
    Leeky, Feb 13, 2012
    #8

  9. 3DCGMODELER TechSpot Enthusiast Posts: 298   +11

    I think they forgot to tell them .....
    ...
    " Oh, don't forget, to Encrypt the User data.!!"

    Ya Think... Daaaa
    3DCGMODELER, Feb 13, 2012
    #9

  10. Guest

    number 119... has the WORST password, (you can see it in the picture)

    email = first&lastname
    pastword = first&lastname

    dafaq?
    Guest, Feb 13, 2012
    #10

  11. Chazz TechSpot Enthusiast Posts: 534   +35

    A lot of those email addresses can be figured out by looking at the other data. 119 and 130 shows that your attempt to censor blocks out just about 5 characters. So most of the email addresses can be figured out anyway using their first and last name from reference. I'd atleast censor their last name too.
    Chazz, Feb 14, 2012
    #11

Add New Comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.