Microsoft Exposed 250M Customer Service records to the Web for 25 days

The Microsoft cloud databases containing fourteen years of customer support logs exposed twenty-five million records to the open internet for twenty-five days.

The account information dates back as far as 2005 and is as recent as December 2019, and it exposes Microsoft customers to phishing and tech scams.

In a blog post, Microsoft, the OS maker, said that an internal customer support database that was storing anonymized user analytics was accidentally exposed online without proper protections between December 5 and December 31.

The database was spotted and reported to Microsoft by Bob Diachenko, a security researcher with Security Discovery.

The leaky customer support database consisted of a cluster of 5 Elasticsearch servers, a technology used to simplify search operations. All 5 servers stored the same data and appeared to be mirrors of each other.

Diachenko said that Microsoft secured the exposed database on the same day he reported the issue to the OS maker, despite it being New Year's Eve. He said that he has been in touch with the Microsoft team, helping and supporting them to properly investigate it.

The servers contained roughly 250 million entries, with information such as email addresses, IP addresses, and support case details. Microsoft said that most of the records did not contain any personal user information.

Microsoft said that, as part of its standard operating procedures, the data stored in the support case analytics database is redacted using automated tools to remove personal information.

However, in cases where users filed customer support requests using nonstandard formatted data (such as "name surname @ email domain com" instead of "name.surname@email.com"), the data was not detected and redacted, and it remained in the exposed database.
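The redaction gap described above, as an added example that is not Microsoft's tooling: a strict email pattern misses the space-separated form, while a second, tolerant pass catches it. The regexes, the short TLD list, the function names and the sample strings are all assumptions constructed for illustration.

```python
import re

PLACEHOLDER = "[REDACTED_EMAIL]"
TOKEN = r"[A-Za-z0-9_%+-]+"
SEP = r"(?:\s*\.\s*|\s+)"     # labels joined by a dot or only by whitespace
TLDS = r"(?:com|net|org)"     # constructed short list; a real one would be longer

# Strict pass: only conventionally formatted addresses.
STRICT = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

# Tolerant pass: whitespace allowed around "@" and in place of dots.
# It takes up to two tokens before "@", so it may over-redact (fails closed).
LOOSE = re.compile(
    rf"{TOKEN}(?:{SEP}{TOKEN})?\s*@\s*{TOKEN}(?:{SEP}{TOKEN}){{0,2}}?{SEP}{TLDS}\b",
    re.IGNORECASE,
)

def redact_strict(text):
    """Redaction that only recognises standard addresses."""
    return STRICT.sub(PLACEHOLDER, text)

def redact_hardened(text):
    """Strict pass first, then the tolerant pass over what is left."""
    return LOOSE.sub(PLACEHOLDER, STRICT.sub(PLACEHOLDER, text))

def needs_review(redacted):
    """Fail-closed check: any '@' left after redaction is held for review."""
    return "@" in redacted

# Constructed sample support-case lines.
STANDARD = "Customer jane.doe@example.com cannot sign in"
SPACED = "Customer jane doe @ example com cannot sign in"

if __name__ == "__main__":
    for line in (STANDARD, SPACED):
        print("strict:  ", redact_strict(line))
        print("hardened:", redact_hardened(line))
```

The `needs_review` check is the cheaper safeguard: a record that still contains "@" after redaction is held back rather than written to the analytics store, whatever format the address took.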

Microsoft said it has begun notifying the impacted customers, although it added that it found no malicious use of the data. Microsoft blamed the accidental server exposure on misconfigured Azure security rules it deployed on December 5, which have now been fixed.