Incident: Microsoft India Online Store Hacked, Usernames and Passwords Stolen

Published Date: 2012-02-13

Postmortem Analysis
Timeline:
1. The software failure incident of Microsoft's online store in India being hacked happened on Sunday [10162].
2. Published on 2012-02-13.
3. The incident occurred on Sunday, February 12, 2012.

System:
1. Microsoft's online store in India [10162]

Responsible Organization:
1. The Evil Shadow Team, a Chinese group of hackers, was responsible for hacking Microsoft's online store in India [10162].

Impacted Organization:
1. Customers of Microsoft's online store in India [10162]

Software Causes:
1. The software cause of the failure incident was the lack of encryption for storing passwords on Microsoft's online store in India, making them easily accessible to hackers [10162].

Non-software Causes:
1. Lack of encryption for storing passwords: The passwords were stored in clear text and not encrypted, making them vulnerable to theft [10162].

Impacts:
1. The theft of usernames and passwords of Microsoft's online store customers in India [10162].
2. Customers' passwords were stored in clear text and not encrypted, putting them at risk of further security breaches [10162].
3. The hacked site was taken down, leading to the unavailability of the Microsoft Store India [10162].
4. Users were advised to change their passwords once the site comes back online and to update credentials used on other sites [10162].

Preventions:
1. Implementing proper encryption protocols for storing sensitive data like passwords could have prevented the incident [10162].
2. Regular security audits and penetration testing could have identified vulnerabilities in the system before they were exploited by hackers [10162].
3. Increasing awareness and training on internet security among employees and users could have helped in preventing such incidents [10162].

Fixes:
1. Encrypting passwords: Storing passwords in clear text was a major security flaw in the Microsoft online store in India, making it easier for hackers to steal user credentials [10162].
2. Implementing stronger security measures: Microsoft should enhance its security protocols to prevent future hacking incidents and protect customer data [10162].
3. Educating users on password security: Users should be informed about the importance of using unique and strong passwords, as well as avoiding password reuse across multiple accounts to minimize the impact of potential breaches [10162].

References:
1. Microsoft statement to CNET [10162]
2. Report in the Times of India [10162]
3. Comment in a story by AFP [10162]

Software Taxonomy of Faults

Category | Option | Rationale
Recurring | unknown | (a) This specific incident of Microsoft's online store in India being hacked and customer usernames and passwords being stolen is a unique event for Microsoft as reported in the article [10162]. There is no mention of a similar incident happening again within the same organization. (b) The article [10162] does not provide information about a similar incident happening at other organizations or with their products and services.
Phase (Design/Operation) | design, operation | (a) The software failure incident related to the design phase can be attributed to the fact that the passwords on Microsoft's online store in India were stored in clear text and not encrypted. This design flaw allowed the hackers to easily access and steal usernames and passwords of the site's customers [10162]. (b) The software failure incident related to the operation phase can be linked to the misuse of the system by the hackers who exploited the unencrypted passwords to gain unauthorized access to the site. This misuse of the system led to the theft of customer information and the subsequent shutdown of the Microsoft Store India [10162].
Boundary (Internal/External) | within_system, outside_system | (a) within_system: The software failure incident involving the hacking of Microsoft's online store in India was primarily due to factors originating from within the system. The incident occurred because the passwords were stored in clear text and not encrypted, making it easier for hackers to access and steal customer information [10162]. This lack of proper security measures within the system allowed the hackers to compromise the site and steal usernames and passwords. (b) outside_system: The software failure incident also highlighted external factors contributing to the breach. A Chinese group of hackers known as Evil Shadow Team claimed responsibility for the hack, indicating that external malicious actors targeted the system [10162]. Additionally, the incident shed light on the broader issue of internet security awareness in India, suggesting that external factors such as the overall cybersecurity landscape in the country could have played a role in the vulnerability of the system [10162].
Nature (Human/Non-human) | non-human_actions, human_actions | (a) The software failure incident occurring due to non-human actions: The software failure incident in this case was primarily due to the hacking carried out by a Chinese group of hackers known as Evil Shadow Team. The hackers were able to access and steal usernames and passwords from Microsoft's online store in India. The passwords were found to be stored in clear text and not encrypted, making them vulnerable to such attacks [10162]. (b) The software failure incident occurring due to human actions: The incident also highlights potential human-related factors contributing to the failure. The lack of encryption for the stored passwords on the website was a critical oversight, as it made the sensitive information easily accessible to the hackers. Additionally, the lack of awareness about internet security in the country, as mentioned by Indian IT specialists, could be seen as a human factor contributing to the vulnerability of the system [10162].
Dimension (Hardware/Software) | software | (a) The software failure incident reported in the article is primarily attributed to a lack of security in the software system rather than hardware issues. The incident involved a hack on Microsoft's online store in India, resulting in the theft of usernames and passwords of customers. The hackers were able to access unencrypted usernames and passwords stored on the site, indicating a vulnerability in the software system's security protocols [10162]. (b) The software failure incident is directly related to software issues. The hackers exploited a vulnerability in the software system by accessing unencrypted usernames and passwords stored on the site. This indicates a flaw in the software's security measures, as passwords should have been encrypted to prevent such unauthorized access [10162].
Objective (Malicious/Non-malicious) | malicious | (a) The software failure incident in this case was malicious. The Microsoft online store in India was hacked by a Chinese group of hackers known as Evil Shadow Team. The hackers stole usernames and passwords of the site's customers and posted screenshots of the unencrypted credentials on their blog, indicating their intent to harm the system. The group took credit for the hack and even left a message on the hacked website stating, "Unsafe system will be baptized" [10162]. This incident clearly demonstrates a malicious intent to compromise the security of the Microsoft online store in India.
Intent (Poor/Accidental Decisions) | poor_decisions | (a) The intent of the software failure incident: The software failure incident involving the hacking of Microsoft's online store in India was primarily due to poor decisions related to cybersecurity practices. The incident occurred because the hackers were able to access unencrypted usernames and passwords stored on the site, indicating a lack of proper security measures in place [10162]. Additionally, the fact that passwords were stored in clear text and not encrypted highlights a significant oversight in safeguarding customer data, reflecting poor decisions in terms of data protection and security protocols.
Capability (Incompetence/Accidental) | development_incompetence | (a) The software failure incident related to development incompetence: The incident of Microsoft's online store in India being hacked and resulting in the theft of usernames and passwords can be attributed to development incompetence. The passwords were stored in clear text and not encrypted, which is a significant security oversight. This lack of encryption allowed the hackers to easily access and steal the sensitive information of the site's customers [10162]. (b) The software failure incident related to accidental factors: There is no specific mention in the provided article indicating that the software failure incident was due to accidental factors.
Duration | temporary | The software failure incident reported in Article 10162 was temporary. The Microsoft online store in India was hacked by a Chinese group of hackers, resulting in the theft of usernames and passwords of the site's customers. Microsoft took down the hacked site and replaced it with a message informing users that the store was currently unavailable and that they were working to restore access as quickly as possible. Customers were also advised to reset their passwords and change them on other sites if they had reused the same credentials. This indicates that the incident was temporary and not a permanent failure [10162].
Behaviour | crash | (a) crash: The software failure incident in the article can be categorized as a crash. The Microsoft online store in India was hacked, resulting in the theft of usernames and passwords of the site's customers. As a response to the hack, Microsoft took down the hacked site and replaced it with a message informing users that the Microsoft Store India is currently unavailable while they work to restore access [10162]. This indicates a failure of the system losing its state and not performing its intended functions due to the security breach.

IoT System Layer

Layer | Option | Rationale
Perception | None | None
Communication | None | None
Application | None | None

Other Details

Category | Option | Rationale
Consequence | property, theoretical_consequence | (d) property: People's material goods, money, or data were impacted due to the software failure. The software failure incident involving the hacking of Microsoft's online store in India resulted in the theft of usernames and passwords of the site's customers. The passwords were stored in clear text and not encrypted, putting customers who purchased items through the site at risk. Users were advised to change their passwords as soon as the site comes back online and to also change credentials used on other sites if they were the same. The incident highlighted a surprising lack of security for a company like Microsoft and the potential risk of hackers using the stolen information to access other accounts [10162].
Domain | sales | (a) The software failure incident reported in the news article [10162] was related to the sales industry. Specifically, it affected Microsoft's online store in India, where usernames and passwords of the site's customers were stolen due to a hack by a Chinese group of hackers. The incident led to the compromised online store being taken down by Microsoft, with customers being advised to reset their passwords and take necessary security measures. The breach highlighted the risk posed to customers who had purchased items through the site, emphasizing the importance of password security and encryption in online sales platforms.
