News

Microsoft accidentally disclosed database of 250 million customer support users

Microsoft faces yet another data breach that took place in December of the last year. The operating system maker talked about the security breach in a blog post stating that an internal customer support database that was used to store anonymous analytic of users was “accidentally” exposed online without the proper protection.

A local firm known as Security Discover reported the data breach to Microsoft. Bob Diachenko is the researcher who had been working on the security flaw. According to him, the leaked database contained a cluster of five Elastisearch servers, a software that could simplify the search operation. Diachenko told ZDNet in an interview that all 5 of the servers were the image of each other and consisted of the same data.

Microsoft however secured the data on the same day on which Dianchenko reported it to the company.

The 5 servers contained over 240 million entries. The information saved in the entries is IP addresses, email addresses, and support case details. As per Microsoft, the database did not contain any personal information of the users.

Microsoft addressed the situation by saying: “As part of Microsoft’s standard operating procedures, data stored in the support case analytics database is redacted using automated tools to remove personal information.”

Shortly all the impacted users were notified by Microsoft. No malicious use of the exposed data had been observed by the company. The OS maker giant blamed the data leak on misconfigured Azura security rules that had been deployed earlier in December last year.

The company further added that there are certain measures that they are going to take so that the security breach like that would not occur in the future:

    • The established security rules will be audited for internal resources
    • Expansion of the mechanisms that identify misconfiguration of the security rules
    • Once security rule misconfiguration occurs, an additional alert to the service team will be sent
    • Adding extra redaction automation
Sponsored
Naima Rabbie

Share
Published by
Naima Rabbie

Recent Posts

Rumors Indicate iPhone 17 May Feature Unconventional Camera Design

Apple is reportedly preparing for a significant design overhaul with its iPhone 17 series, blending…

8 hours ago

First AI-Powered Teacher Launched in Pakistan’s Private School

Karachi: A private school in Karachi has unveiled Pakistan’s first AI-powered teacher, a groundbreaking move…

9 hours ago

Yahoo Surprises Users with Its Latest Android Launcher

Third-party apps have long been a staple of the Android ecosystem, but their appeal has…

11 hours ago

Phase-II Review of PTCL-Telenor Deal Finalized by CCP

ISLAMABAD: The Competition Commission of Pakistan (CCP) has completed its Phase-II review of Pakistan Telecommunication…

11 hours ago

Xiaomi’s SU7 Achieves New Production Record, Driving Q3 Growth

Xiaomi has shattered records by producing 100,000 vehicles in just 230 days. This is nearly…

12 hours ago

Teachers Can Now Access OpenAI’s Free AI Course

OpenAI, in collaboration with nonprofit organization Common Sense Media, announced on Wednesday the launch of…

13 hours ago