Microsoft admits data leak of 250 million users after customer service, support records were exposed on the web

A data breach of 250 million Microsoft users has been brought to light by the Comparitech security research team, which is led by Bob Diachenko. The researchers found that 250 million Customer Service and Support records were exposed on the web.

Microsoft has since acknowledged the data breach saying it was due to “misconfiguration of an internal customer support database”, which the company uses for tracking support cases. This includes logs of conversations between Microsoft support agents and customers of 14 years.

The company says it fixed the vulnerability on 31 December 2019.

Microsoft. Image: Reuters

The researchers reveal that most of the leaked data like “emails, contact numbers, and payment information” were redacted. However, a large portion of the leaked data reportedly was also in plain text, which included, but was not limited to, customer email addresses, IP addresses, locations, Microsoft support agent emails, case numbers, resolutions, and remarks and internal notes marked as “confidential”.

On 21 January 2020, Microsoft published a blog, where it admitted the data breach. Ann Johnson, corporate vice president, Cybersecurity Solutions Group at Microsoft said that the investigation "found no malicious use". “Although most customers did not have personally identifiable information exposed, we want to be transparent about this incident with all customers and reassure them that we are taking it very seriously and hold ourselves accountable,” he wrote in the blog.

Microsoft also revealed that this breach was caused by a change made to the database’s network security group on 5 December 2019, which contained misconfigured security rules that enabled exposure of the data. "This issue was specific to an internal database used for support case analytics and does not represent an exposure of our commercial cloud services."



from Firstpost Tech Latest News https://ift.tt/2tO6hYt
Share:

No comments:

Post a Comment

Categories

Rove Reviews Youtube Channel

  1. Subscribe to our youtube channel
  2. Like our videos and share them too.
  3. Our youtube channel name Rove reviews.

WITNUX

This website is made by Witnux LLC. This website provides you with all the news feeds related to technology from large tech media industries like GSM Arena, NDTV, Gadgets 360, Firstpost and many other such ates altogether at technical depicts so that you need not go to several sites to view their post provide you advantantage of time.

From the developer
Tanzeel Sarwar

OUR OTHER NETWORKS

OUR YOUTUBE CHANNEL

ROVE REVIEWS PLEASE SUBSCRIBE

OUR FACEBOOK PAGE

The Rove Reviews

Support

Trying our best to provide you the best DONATE or SUPPORTour site Contact me with details how are you gonna help us