Microsoft Data Breach Lead To Exposing Of 250 Million Customers Data

- Advertisement -

On 23rd January, Microsft disclosed the data breach that took place last year during the December month. The company published a blog post on its Microsft Security Response Centre blog saying that the data breach occurred due to misconfiguration of an internal customer support database meant for tracking support cases.

The data breach was first reported by Bob Diachenko who led the Comparitech security research team. He said, ” All of the Microsoft customers’ data was left accessible to anyone with a Web browser, with no password or other authentication needed“.

What Was There In The Leaked Database?

According to the Microsft official blog post, the customer support database that was exposed included 250 million customers details such as email addresses, IP addresses, locations, case numbers, Microsoft support agest emails and chats between the customers and the Microsoft support agents that were collected over 14 years from 2005 to December 2019.

- Advertisement -

Bob Diachenko said to ZDNet, “The leaky customer support database consisted of a cluster of five Elasticsearch servers, a technology used to simplify search operations”.

Microsoft has said that there have been reports of the data getting misused. Talking about the visibility of the exposed data, the support case analytics database has been made private using automated tools. However, the data of the users who have taken customer support using the non-standard format (“name surname @ email domain com” instead of “name.surname@email.com”) are still exposed. Microsoft has started notifying the customers who have used non-standard format while filing the request for customer support.

WHILE THE INVESTIGATION FOUND NO MALICIOUS USE, AND ALTHOUGH MOST CUSTOMERS DID NOT HAVE PERSONALLY IDENTIFIABLE INFORMATION EXPOSED, WE WANT TO BE TRANSPARENT ABOUT THIS INCIDENT WITH ALL CUSTOMERS AND REASSURE THEM THAT WE ARE TAKING IT VERY SERIOUSLY AND HOLD OURSELVES ACCOUNTABLE

– Ann Johnson, Corporate Vice President, Cybersecurity Solutions Group at Microsoft

Microsoft has apologized for this data leak saying that “We want to sincerely apologize and reassure our customers that we are taking it seriously and working diligently to learn and take action to prevent any future reoccurrence“. In addition to this, the company has thanked Bob Diachenko, for helping Microsft to quickly fix the security flaw.

- Advertisement -

Further Reading:

Show us some support by following our Instagram handle.

- Advertisement -
Microsoft Data Breach Lead To Exposing Of 250 Million Customers Data
Narang Gupta
I love to share my feelings through tech.

Leave a Reply

Related posts

AdvertismentMicrosoft Data Breach Lead To Exposing Of 250 Million Customers DataMicrosoft Data Breach Lead To Exposing Of 250 Million Customers Data

Latest posts

Sony Reveals Pricing of New PS5 Games and Peripherals, Launching 19th November in India

Sony announced the launch titles available for the PS5, as well as all available peripherals for the upcoming console at a stream earlier today.

GoPro HERO9 Black Announced — Delivers 5K Video, HyperSmooth 3.0 Video Stabilization at Rs. 49,500

Well, this isn't really a good time to launch action cameras, but then GoPro just went ahead and announced their new Hero9...

Spider-Man Miles Morales Gameplay Revealed at PS5 Showcase – Will Also Release on PS4

Insomniac Games showcased new gameplay of its upcoming Spider-Man: Miles Morales at the PlayStation 5 showcase.

Next Article Loading