When outsourcing fails you

Microsoft’s South Korean MSN site, apparently very popular, more so than the US version, is operated by a third party. This vendor apparently did not patch their servers hosting MSN Korea, allowing for the malicious code to be inserted. On the technical side, disconcerting is the (currently) unknown (or not made public) duration the malicious code was operating.

Source: CNN.com – Microsoft:MSN site hacked in South Korea – Jun 2, 2005.

Microsoft acknowledges that hackers booby-trapped its MSN Web site in South Korea to steal passwords from visitors.

Continue reading “When outsourcing fails you