- Dec 28, 2011
- 523
(From MaximumPC.com)
It’s been almost a year since the famous Sony hack leaked the personal information of millions of unsuspecting gamers into some of the seedier corners of the Internet, and history is repeating itself again, this time with Microsoft. Those visiting the Microsoft Online Store in India this morning were greeted with the haunting image of Guy Fawkes warning them that this “unsafe system would be baptized”. A hacker group known as the Evil Shadow Team has taken responsibility for the attack, and has even released proof that passwords stored on the server were not encrypted.
Microsoft seems to have regained control and closed the site down until further notice, but something like this is always a bit of a PR disaster. Getting hacked doesn’t look good, but it happens to the best of us. Storing passwords sans encryption on the other hand is just downright inconsiderate considering how easy it is to salt in a bit of extra protection.
We still don’t know if the online stores in other countries are vulnerable to the same type of attack, but since only the India site was taken offline, the rest might be secure for now. We also won’t know if credit card data was compromised, and likely won’t until Microsoft releases an official statement.
Surely they know to encrypt those right?
It’s been almost a year since the famous Sony hack leaked the personal information of millions of unsuspecting gamers into some of the seedier corners of the Internet, and history is repeating itself again, this time with Microsoft. Those visiting the Microsoft Online Store in India this morning were greeted with the haunting image of Guy Fawkes warning them that this “unsafe system would be baptized”. A hacker group known as the Evil Shadow Team has taken responsibility for the attack, and has even released proof that passwords stored on the server were not encrypted.
Microsoft seems to have regained control and closed the site down until further notice, but something like this is always a bit of a PR disaster. Getting hacked doesn’t look good, but it happens to the best of us. Storing passwords sans encryption on the other hand is just downright inconsiderate considering how easy it is to salt in a bit of extra protection.
We still don’t know if the online stores in other countries are vulnerable to the same type of attack, but since only the India site was taken offline, the rest might be secure for now. We also won’t know if credit card data was compromised, and likely won’t until Microsoft releases an official statement.
Surely they know to encrypt those right?
