Microsoft customer support database exposed online
Exposure was the result of misconfigured Azure security rules
Microsoft has disclosed a security breach where an internal customer support database was exposed online last month.
The software giant provided further details on the security breach in a blog post in which it said that the database was storing anonymized user analytics and was accidentally exposed online between December 5 and December 31.
Security researcher at Security Discovery, Bob Diachenko first discovered the database and reported it to Microsoft. The company quickly secured the exposed database on the same day he reported the issue, despite the fact that he did so on New Year's Eve.
- Microsoft CEO believes backdoors aren't the answer
- Millions of Adobe Creative Cloud accounts exposed online
- Microsoft looks to secure the IoT with Azure Sphere
According to Diachenko, the customer support database contained a cluster of five Elasticsearch servers that are used to help simplify search operations. All five servers stored the same data as they appear to be mirrors of each other.
Exposed database
The servers storing Microsoft's customer support database contained almost 250m entries including information such as email addresses, IP addresses and support case details. Thankfully though, most of the records did not contain any personal user information according to the company's blog post, which reads:
“As part of Microsoft’s standard operating procedures, data stored in the support case analytics database is redacted using automated tools to remove personal information. Our investigation confirmed that the vast majority of records were cleared of personal information in accordance with our standard practices. In some scenarios, the data may have remained unredacted if it met specific conditions. “
If users filed out customer support requests using non-standard formatted data, then that data was not detected and redacted but remained in the exposed database. Microsoft has already begun notifying impacted customers though the company has “found no malicious use” of the data.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
According to the company, the accidental server exposure was the result of misconfigured Azure security rules it deployed on December 5 which have now been fixed.
- Also check out our roundup of the best antivirus software
Via ZDNet
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
Yet another tech startup wants to topple Nvidia with 'orders of magnitude' better energy efficiency; Sagence AI bets on analog in-memory compute to deliver 666K tokens/s on Llama2-70B
You can now rent Google's most powerful AI chip: Trillium TPU underpins Gemini 2.0 and will put AMD and Nvidia on high alert