28 October 2022
The latest security breach from Microsoft has revealed a significant amount of personal data stored in their database.
This data leak is extremely alarming for users who have trusted Microsoft with storing and protecting their sensitive information. The exposed records contain names, email addresses, phone numbers, passwords and credit card numbers of some of their customers.
While this may not be the first time a large tech company has suffered a major security breach, it does highlight the need for better cybersecurity practices across industries. It’s more important than ever to protect your most valuable data and keep it out of the hands of malicious parties.
Although Microsoft did not disclose how many people were affected by the data leak, SOCRadar (a cyber threat intelligence company) reports that over 65,000 entities in 111 countries are included. 2.4 terabytes of data were exposed, including invoices, product orders, signed customer documents and partner ecosystem details, to name a few.
When the security company's platform discovers that some of its users' data is exposed due to misconfigured cloud buckets, it automatically sends them alarms. This was also the case with this leak, especially as it also included business transaction data.
Microsoft did not agree with these reports. The differences of opinion concern not only the incident itself, but also the amount of exposed data.
Tens of thousands of entities are thought to be impacted by this leak, which would make it one of the largest B2B data leaks. Microsoft has refused to disclose how many they believe have been affected, so SOCRadar analysts did their best to understand the scope of the incident.
In its statement of 19th October 2022, Microsoft said that once it had been notified of the mistake, it quickly took action and fixed it. From now on, only people with the proper authentication can access the endpoint. Its investigation found no indication that customer accounts or systems were compromised, and it has directly notified the affected customers.
According to Microsoft, the problem was caused by an accidental misconfiguration on an endpoint that is not being used across the Microsoft ecosystem. It didn't happen because of a security vulnerability. The company said it was working to improve its processes so that this type of misconfiguration does not happen again. It also said it was doing extra research to confirm the security of all Microsoft endpoints.
Microsoft said: "The business transaction data included names, email addresses, email content, company name, and phone numbers, and may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner."
After analysing the data set, they discovered that there was a lot of duplicate information. There were multiple references to the same emails, projects, and users.
We also read: "We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error."
The leak reportedly includes sensitive information such as names, email addresses, phone numbers, and payment card details for millions of customers across various Microsoft services.
While the exact cause of the leak is still unclear, some security experts speculate that it may have stemmed from vulnerabilities in Microsoft's systems or infrastructure. Others believe that the breach could be attributed to a malicious scammer who gained unauthorised access to customer data through phishing or other tactics.
Regardless of the root cause, this incident highlights the importance of protecting sensitive customer information and taking swift action to address any vulnerabilities that may put customer data at risk. Microsoft has already stated that it is working to resolve the issue and protect sensitive data, and that it will be providing regular updates to customers as the situation unfolds. In the meantime, users are urged to be vigilant when using any of Microsoft's services and to exercise caution when sharing personal information online.