Misconfigured Microsoft database exposed 250 million customer service records

Channel:
United Kingdom Colin Boyd SEO
Subscribers:
4,200
Published on ● Video Link: https://www.youtube.com/watch?v=oCmh7bBFatM


Duration: 2:14
30 views
1

Reported today on TechSpot

For the full article visit: https://www.techspot.com/news/83666-misconfigured-microsoft-database-exposes-250-million-customer-service.html

Misconfigured Microsoft database exposed 250 million customer service records

Some dating back to 2005

In brief: Security researchers with Comparitech recently discovered a collection of 250 million Microsoft Customer Service and Support (CSS) records sitting – unsecured – in a database accessible to anyone with a web browser.

The records contain conversations, logs and information between Microsoft support agents and customers from around the globe dating all the way back to 2005.

Comparitech said it found five Elasticsearch servers, each with a seemingly identical set of the 250 million records, on December 29, 2019 – just one day after they were indexed by search engine BinaryEdge.

Most personally identifiable information was redacted from the records although many of them contained other information such as customer e-mail addresses, IP addresses, locations, descriptions of CSS claims and cases, support agent e-mails, resolutions and remarks, case numbers and internal notes marked as "confidential."

Fortunately, Comparitech did the responsible thing and reached out to Microsoft about the matter. Redmond's support team got right on it and had all of the vulnerable servers secured within 24 hours.

Even with the short window, opportunity existed for nefarious activity although Comparitech said it is unsure if any other unauthorized parties accessed the databases during that time.

In its own blog post, Microsoft held itself accountable, citing a change made to the database's network security group on December 5, 2019, as the culprit. The company said the issue was "specific to an internal database used for support case analytics and does not represent an exposure of our commercial cloud services.



Other Videos By Colin Boyd SEO


2020-01-23Motorola finally reveals Razr's new release date and pre-order window
2020-01-23European court: Nintendo doesn't have to offer refunds for digital pre-orders
2020-01-23Installing or updating Office 365 will quietly set Chrome default search to Bing
2020-01-23Google partners with Verizon to bundle Stadia with Fios Gigabit plans
2020-01-23Jeff Bezos' phone was reportedly hacked using Saudi Prince's WhatsApp account
2020-01-23Cruise's self-driving electric shuttle is purpose built for ridesharing
2020-01-23Twitter is rolling out emoji reactions for direct messages
2020-01-23Microsoft's Project xCloud preview is coming to Canada on January 29
2020-01-23Wasteland Remastered is hitting the market on February 25
2020-01-23Netflix confirms rumors of a Witcher anime written by series co-producer Beau DeMayo
2020-01-23Misconfigured Microsoft database exposed 250 million customer service records
2020-01-23Kids are secretly 'talking' to each other in class using AirPods and apps
2020-01-23The latest data on the January 2020 Google core update
2020-01-233D printing body parts is close — but it needs proper regulation
2020-01-23Google desktop favicon search results study
2020-01-23Fujifilm’s new X-T200 camera uses gyro sensors to shoot steady 4K video
2020-01-23Case study: The true value of informational content for e-commerce SEO
2020-01-23Google January 2020 core update almost done rolling out
2020-01-23Microsoft’s software plan for the Duo Android phone is surprisingly realistic
2020-01-23Become a Search Engine Land MVP and you could win a FREE ticket to SMX!
2020-01-23Trump had his biggest presidential Twitter day as he reacted to his impeachment trial - CNET