- This topic is empty.
Viewing 1 post (of 1 total)
-
Posts
-
Microsoft hasĀ confirmedĀ that some of its customersā personal information has been exposed by an unintentionally misconfigured server that allowed unauthenticated access to business transaction data.
The tech giant confirmed that it secured the server after cybersecurity researchers at SOCRadar notified it of the leak on 24 September 2022.
Microsoft explained that the flaw made it possible to gain unauthenticated access to business transaction data relating to interactions between the company and potential customers.
āOur investigation found no indication customer accounts or systems were compromised. We have directly notified the affected customers,ā it added.
Microsoft said that the exposed information includes the following:
-
Names;
-
Email addresses and email content;
-
Company names;
-
Phone numbers; and
-
Files linked business between customers and Microsoft or authorised Microsoft partners.
Microsoft explained that while it appreciates SOCRadar informing it about the breach, it is disappointed with the cybersecurity firmās exaggeration of the issue.
āOur in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users,ā Microsoft said.
āWe take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error.ā
-
Viewing 1 post (of 1 total)
- You must be logged in to reply to this topic.