58 
Another day, another technology giant hacked. This time, it’s Microsoft’s Indian web store that’s been attacked by the EvilShadow team. The big problem: Microsoft was storing passwords as plain text.
WP Sauce reports that the attack happened yesterday, with the EvilShadow team replacing the front page to Microsoft’s online India store with a page called evil.html. The site is still currently down.
The hackers have also released user name and password combinations that were saved in plain text by Microsoft. If, for whatever reason, you used the Indian Microsoft store, you should probably change your passwords as soon as possible. [WP Sauce]
Hmm, interesting. Not a single comment, and Microsoft were storing passwords unencrypted.
What’s strange is the shitstorm Sony got for storing theirs as hashes.
I think you’ll find it’s a simple but typical 1st world response of ‘meh, doesn’t affect us’. As the article points, this only affects you if you have used the Indian Microsoft store. How many of us in the UK would have done that?
Now, if it was the US store hacked and discovered plain text passwords, then yes, you’d see hell of a big shit storm.
As a contrast, Sony’s hacking affected users world wide, not just one country. They also took 6 days before officially confirming that they were hacked.
It’s all about degrees of concern…