Microsoft Store India website hacked – Database compromised!

Microsoft India’s online store has been hacked and defaced! Although it was possible to browse individual items, the home page displayed the following message.

The credit for the hack has been taken by the EvilShadow, apparently a Chinese group, and the defaced home page displayed links to the hackers blogs as well as their email ID’s.

A new URL /evil.html was created and displayed the following message:

It looks like even the Microsoft Store India database and passwords have been compromised. You can see more such images at HackTeach.

Microsoft appears to have responded quickly and taken the site down, and as of now, seems to be offline.

UPDATE: They have also shot out an email to all, requesting users to change their passwords immediately.

We are writing to inform you that there may have been unauthorized access to some of your customer account information on Microsoft Store India. We have confirmed that databases storing credit card details and payment information were not affected during this compromise. However, exposed account details may include non-financial related information including e-mail address, password, order details and shipping address.

Microsoft Store takes this situation very seriously, and the company is diligently working to remedy the issue and keep our customers protected. We need your help in this regard and we ask that you please take the following steps to prohibit any further unauthorized access to your information.

Precautions You Should Take

In order to secure your account information, Microsoft Store will take the action to re-set your password. Please follow these steps to ensure your privacy is protected:

1. If you use the same e-mail and password combination on any other sites, including non-Microsoft websites or services, you should proactively change the password immediately to ensure your personal information is protected.

2. You will receive an e-mail with a temporary password and a prompt to create a new password. Please note, the password reset relates only to Microsoft Store India.

3. Once you receive the e-mail you should immediately create a new password, one that is both secure and familiar to you.

It might therefore be good idea to change your password as soon as posible.

Posted by with Tags
Anand Khanse is the Admin of, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. He enjoys following and reporting Microsoft news and developments in the world of Personal Computing & Social Media.


  1. Over the last 40 days… I had similar experience and still continues… 🙁

  2. No Moolies

    Those freakin’ Moolies…

  3. SMB

    Microsoft takes one step forward, then 5 steps back when it comes to security. They can’t even protect their own sites; imagine how secure your desktop really is. And then, they want us to use their cloud/Skydrive. Hmm…

  4. Ubais

    Congratz guys who did it, i think these are white hat hackers…

    Then i only have 1 think to say:

    “there is no surprise in the past, there are lessons”

    itz nt mine, microsoft guys may know who is these word’s owner

Leave a Reply

Your email address will not be published. Required fields are marked *

7 + 1 =