Loving Life TV

Microsoft server configuration error exposes customer names, emails, and phone numbers

Home Forums A SECURITY AND NEWS FORUM Microsoft server configuration error exposes customer names, emails, and phone numbers

  • This topic is empty.
Viewing 1 post (of 1 total)
  • Author
    Posts
  • #35816
    Nat Quinn
    Keymaster
    Microsoft has confirmed that some of its customers’ personal information has been exposed by an unintentionally misconfigured server that allowed unauthenticated access to business transaction data.
    The tech giant confirmed that it secured the server after cybersecurity researchers at SOCRadar notified it of the leak on 24 September 2022.
    Microsoft explained that the flaw made it possible to gain unauthenticated access to business transaction data relating to interactions between the company and potential customers.
    “Our investigation found no indication customer accounts or systems were compromised. We have directly notified the affected customers,” it added.
    Microsoft said that the exposed information includes the following:
    • Names;
    • Email addresses and email content;
    • Company names;
    • Phone numbers; and
    • Files linked business between customers and Microsoft or authorised Microsoft partners.
    Microsoft explained that while it appreciates SOCRadar informing it about the breach, it is disappointed with the cybersecurity firm’s exaggeration of the issue.
    “Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users,” Microsoft said.
    “We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error.”
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.