Microsoft accidentally exposed 250 million customer service records
According to Microsoft, the database was accidentally exposed as part of a misconfiguration in the security rules that happened as a result of a change made on December 5. The databases were then picked up by the BinaryEdge search engine on December 28, and Diachenko discovered them on December 29. Despite happening during the holiday season, Microsoft was quick to fix the issue, with the data being secured by December 31.
The data contained in the records referred to conversations between customers and Microsoft's support teams, and most of the data in the logs was redacted as part of Microsoft's standard procedures. However, some data may have been left in plain text, including information such as e-mail addresses for customers and support agents, IP addresses, locations, case numbers, and confidential internal notes. As noted by the research team that discovered the issue, this information can be used by ill-intentioned actors to impersonate Microsoft support agents to scam customers. However, Microsoft notes that it didn't find any evidence of malicious use of the data.
Microsoft also says it's committed to preventing this sort of situation from happening again, so it's taking a number of steps. These include auditing the network security rules currently in place, adding additional alerts for when misconfigurations are detected, and implementing more automated redaction. The company is also notifying any customers affected by this incident.
Posted:
Related Forum: PC General Forum
Source: https://www.neowin.net/news/microsoft-accidentally-exposed-250-million-customer-service-records-online
Related Articles
Comments
Latest Downloads
- 01. Assassin's Creed 3 Save Game (Game completed 8%, until Chapter 4)(0)
- 02. Supermarket Simulator SaveGame (Quick start, 172 day, 65lvl)(0)
- 03. Caribbean Legend: SaveGame (before the start of the Dutch Gambit)(0)
- 04. Caribbean Legend: SaveGame (Passed the Secret Organization Gambit) [v1.0.0](0)
- 05. Jalopy: SaveGame (Pumped up LaikaGT)(0)
- 06. Assassin's Creed 3: Save Game (Game completed 8%, until Chapter 4)(3)
- 07. Supermarket Simulator: SaveGame (Quick start, 172 day, 65lvl)(0)
- 08. GoreBox: SaveGame (Ancient village of the Paleozoic era)(0)
- 09. Need for Speed: Most Wanted (2005) - SaveGame (0% career, 2 BMWs in the garage)(1)
- 10. [EU] CARX DRIFT RACING ONLINE - PROGRESS SAVE 6 SP DUO (CUSA15633)(10)
- 11. Fallout Shelter Modded Save PC(3)
- 12. Remember Me: SaveGame (The Game done 100%)(0)
- 13. The Long Drive: SaveGame (American pickup)(0)
- 14. Goemon's Great Adventure (US / NTSC) - Nintendo 64 Game Save(2)
- 15. The Long Drive: SaveGame (blue VW Beetle)(0)
Latest Tutorials
- 01. The Redress Of Mira 100% Walkthrough | Trophy & Achievement(541)
- 02. Russian Pinocchio Quick Trophy Guide(652)
- 03. Venatrix Quick Trophy & Achievement Guide(658)
- 04. Call of the Sea 100% Platinum Walkthrough(744)
- 05. Wire Lips 100% Platinum Walkthrough(750)
- 06. The Expanse 100% Platinum Walkthrough | Trophy & Achievement(706)
- 07. Doctor Who: The Edge of Reality - PS4 Platinum P/Thru(625)
- 08. Doctor Who:The Lonely Assassins - 100% Guide(560)
- 09. DAYMARE 1998 PS4 - Full game 100% TROPHY WALKTHROUGH(529)
- 10. Stray Platinum Walkthrough | Trophy & Achievement Guide(536)
- 11. Raji: An Ancient Epic | Complete Gameplay Walkthrough(699)
- 12. Corpse Killer: 25th Anniversary Edition - Longplay(712)
- 13. Song of Horror: Complete Edition Gameplay Walkthrough(453)
- 14. Remoteness 100% All Trophies Walkthrough(725)
- 15. Detective Inspector Mysterious Clues Platinum Walkthrough(599)
"Microsoft accidentally exposed 250 million customer service records" :: Login/Create an Account :: 3 comments