The passwords were stored in plain text.

http://www.maxconsole.com/maxconsole/contents/RKLS0000001815/icon_xl.jpg

Hackers have do it again, this time, the victim was the India's Microsoft Store and all its customers.


How is a big giant like Microsoft capable of storing sensitive customer's password in plain text?

Ask those in charge of the India's division of Microsoft Store which hackers took over yesterday.

The so called, Evil Shadow Team breached the security of the store and had control over the entire website. They also revealed that the customers passwords were not encrypted at all and were stored in just plain text. Incredible...

Microsoft appear to have regained control but... with methods like this, none of our personal data is safe...

More info on the link below.

NEWS SOURCE: Microsoft store India hacked (via) WPSauce (http://www.wpsauce.com/2012/02/breaking-microsoft-store-india-hacked.html)

Our thanks to 'Kaos2K' for another news posting!

If they had their store developed in india I wouldn't be surprised the passwords would be stored in a text file.

Having had the displeasure of having websites developed in india (and falling for their godawful "google optimisation" techniques) it became very clear very soon that the sheer lack of knowledge, regard and ignorance of western laws is a sidenote for the indian developers. (maybe the ones we dealt with - and perhaps not everyone. perhaps).

However the sloppiness of work, and the trouble afterwards is simply not worth it.

p.s: Not racist as you should hear what the Uk based software developers are doing to their customers.

I wonder if this has anything to do with the current 360 issues of hacked account being sold on polish sites, I have seen so many complaints on the metro site about these things and Microsoft claiming phishing scams and yet people who use email addy just for live are hit.

I wonder if this has anything to do with the current 360 issues of hacked account being sold on polish sites, I have seen so many complaints on the metro site about these things and Microsoft claiming phishing scams and yet people who use email addy just for live are hit.

i thought it was more connected to the windows live id (since its the same login as live) that was being used to hack accounts, obviously ms are stiol blaming their customers (and will no doubt continue right up until a lawsuit hits (like with rrod)).

that said, they are welcome to our live accounts now, i've let them all expire, they have never been used to purchase ANY content and have never had any payment method other than prepay live gold codes, so good luck with that, i dont even use those stupid "free" codes to put back the content the greedy scum have removed before purchase.

In informatic and elettronics, nothing is really sure. If a game run on conosole, this mean that something there is to work, need only to understand what.