A Chinese hacking group calling itself Evil Shadow has taken credit for exposing sensitive data from one of the largest corporations in the world.
The hack only affects customers who have purchased a product or software download from Microsoft’s Indian online store, but its implications can be felt throughout the multinational company.
The Indian version of Microsoft’s online store is run by a company called Quasar Media, which shut down access to the site after Evil Shadow infiltrated and posted what appeared to be a list of user names and passwords.
At corporate, Microsoft called the incident a “limited compromise,” and a spokesperson was quoted by The Inquirer as saying, “The store customers have already been sent guidance on the issue and suggested immediate actions. We are diligently working to remedy the issue and keep our customers protected.”
Microsoft has fought hard to maintain an image of caring for and securing user privacy. In the wake of Google’s massive privacy policy change, Microsoft came out and touted its respect for its users.
In the wake of the firestorm surrounding Google’s security problems with Google Wallet, Microsoft should have been able to jump at the opportunity to showcase its security.
Of course, with this episode it becomes more difficult to do that. Nevertheless, it is not a far-reaching attack and will likely not tarnish Microsoft’s image that much in the long run.