Microsoft's Indian online store hacked, passwords and user data exposed

Microsoft's online retail store for India, operated by Indian company Quasar Media, remains offline today after hackers breached the website's defenses and stole user account information and passwords over the weekend. Chinese hacker group Evil Shadow Team claimed responsibility for the attack, and said they found account information and passwords stored in plain text files unencrypted on the server.

"Microsoft is investigating a limited compromise of the company's online store in India," a company spokeswoman said in an emailed statement to Reuters. Store customers have already been sent guidance on the issue and suggested immediate actions as Microsoft works to secure and bring the site back online.

Although the hackers held back from releasing all of the information, they did publish proof, including a screenshot of the personal details they found. Customers' financial information has not been exposed.

Quasar Media released a brief statement saying they are not sure when the site will be up again or what happened. It is not clear exactly what the motives were for the targeting Microsoft's Indian website, but it is thought that the border disputes between China and Pakistan and the animosity between the countries played a part, as they have all suffered attacks at the hands of hackers. 

Those with accounts at Microsoft's online retail store for India should immediately change passwords for other online services using the same login credentials.