Just In
-
-
-
-
Don't Miss
-
MP Board Class 10th, 12th Results 2024, Know Alternative Ways to Check Your Result -
Hardik Pandya OUT, Sandeep Sharma IN: Virender Sehwag reveals his India Playing 11 for T20 World Cup 2024 -
Gold Prices In US: Yellow Metal Rates Recover Amidst Economic Uncertainty, GDP Data In Focus -
Columbia University Anti-Israel Protests Persist Despite Administration's Ultimatums -
Razakar Review: Makrand Deshpande Film Makes Bold Attempt To Touch Sensitive Topic Of Hyderabad Genocide -
Toyota Fortuner Leader Edition – Top Things You Need To Know -
Mumbai Opens BMC Headquarters For Exclusive Heritage Tour -
Summer Style: 6 Must-Try Colors To Stay Fashionably Cool Like B-Town Divas!
More Than 250 Million Users Exposed To Data Breach On Microsoft Servers
Adding to the increasing security lapses and data exposes, Microsoft reveals that it had left some of the customer records unprotected. Microsoft published in a blog post that it had left hundreds of thousands of customer service and support requests exposed on servers without any password protection. The data was left exposed from December 5 to December 31, 2019.
Microsoft Data Expose
The exposed data was first discovered by Bob Diachenko of Security Discovery. Diachenko noted that the Windows originator had left more than 250 million users' data and analytics exposed. Microsoft had stored them on five Elastisearch servers that apparently mirrored each other.
The Microsoft blog post noted that the "data stored in the support case analytics database is redacted using automated tools to remove personal information". The company also confirmed that the 250 million entries have been properly redacted.
However, Microsoft also noted that in some cases, the data was originally filled in a format that was unrecognized by the system. In such cases, the email addresses may not have been redacted, the tech giant said. For instance, Microsoft might have used the email address as "XYZ @contoso com" instead of the usual "[email protected]".
[NEW REPORT] Misconfigurations happen - no matter how big or secured a company is. Here is my new report. 250M+ million Microsoft's Customer Service and Support (CSS) records were exposed on the web. https://t.co/C1Ll0nT8vz
— Bob Diachenko (@MayhemDayOne) January 22, 2020
What About Data Hack?
Comparitech, a security firm noted that customer support records gathered over 14 years were left exposed. The data includes email addresses, IP addresses, location of customers, and also the communication between a customer and the Microsoft representative. "We have solutions to help prevent this kind of mistake, but unfortunately, they were not enabled for this database," Microsoft said in the blog post.
While the communication records might sound uninteresting, hackers could use it to gather information and even steal data, money from unwary victims. However, Microsoft noted that there's no evidence that malicious parties accessed the exposed customer records. Microsoft, like other companies, has faced a breach before. One of the previous incidents involved a bug-tracking system and another involved exposed addresses on Outlook.com.
On being noted about the security threat, Microsoft has issued a fix, despite being New Year's Eve, Diachenko added. The company is reportedly working on several measures to boost security, including "auditing established network security rules for internal resources".
-
99,999 -
1,29,999 -
69,999 -
41,999 -
64,999 -
99,999 -
29,999 -
63,999 -
39,999 -
1,56,900
-
79,900 -
1,39,900 -
1,29,900 -
65,900 -
1,56,900
-
1,30,990 -
76,990 -
16,499 -
30,700 -
12,999
-
0 -
16,026 -
14,248 -
14,466 -
26,634 -
18,800 -
62,425 -
1,15,909 -
93,635 -
75,804
