Earlier today, Microsoft issued a statement that declared that the financial information belonging to customers of its online store in India may have been compromised by the recent attack perpetrated by a Chinese group called the “Evil Shadow Team.”
It is widely believed that this information was stored in clear text in databases raided by the group. The Evil Shadow Team may also have breached the supposedly secure gateway handling the payment process. In an original statement issued shortly after the attack, Microsoft had claimed the group had only compromised login IDs, passwords and possibly shipping addresses. However, after further investigation, it appears that the damage was far worse. Two weeks after the attack, the online store is still down, suggesting there are serious issues with the site.
To learn how to secure SAP systems against similar attacks, read our whitepaper.