The Times of India: Hackers allegedly affiliated with the Chinese group Evil Shadow Team defaced Microsoft’s Indian storefront on Sunday night and stole passwords and user ids for customers who had used the site. Apparently, Microsoft made the egregious mistake of storing the login data without encryption on its servers.
Customers who have used the site are urged to change their passwords immediately; if they use the same password for other sites or services, they should also change those passwords.
In response to the incident, Microsoft issued a statement saying, “Microsoft is investigating a limited compromise of the company’s online store in India. The store customers have already been sent guidance on the issue and suggested immediate actions. We are diligently working to remedy the issue and keep our customers protected.”