AppsTechnology

Microsoft discloses data breach

1 Mins read

Microsoft discloses data breach

Microsoft exposed some of its customers’ names, email addresses, and email content, among other sensitive data.

A misconfigured Microsoft endpoint resulted in the potential for unauthenticated access to some business transaction data.

The company learned about the misconfiguration on September 24 and secured the endpoint.

“Our investigation found no indication customer accounts or systems were compromised. We have directly notified the affected customers,” Microsoft said.

The business transaction data included names, email addresses, email content, company name, and phone numbers. It might have also included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner.

“The issue was caused by an unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem and was not the result of a security vulnerability,” Microsoft said.

Cybersecurity company SOCRadar was the one to inform Microsoft about the misconfigured endpoint. Microsoft said SOCRadar “has greatly exaggerated the scope of this issue.”

“Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users. We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error,” Microsoft said.

On October 19, SOCRadar released a blog post claiming that sensitive data of over 65,000 entities was leaked due to a single misconfigured data bucket.

“Threat actors who may have accessed the bucket may use this information in different forms for extortion, blackmailing, creating social engineering tactics with the help of exposed information, or simply selling the information to the highest bidder on the dark web and Telegram channels,” SOCRadar said.

See also  Microsoft is selling the metaverse now ⁠— and it’s helping make everything from robots to ketchup

The company also released a search tool for companies to see if their data had been leaked.

“We are disappointed that SOCRadar has chosen to release publicly a ‘search tool’ that is not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk,” Microsoft said.

 

Source: Cybernews.com

Related posts
Matters ArisingTechnology

Microsoft Bars Employee Access to Perplexity AI, Impacting Azure OpenAI's Major Customers

1 Mins read
Microsoft Bars Employee Access to Perplexity AI, Impacting Azure OpenAI’s Major Customers Microsoft is blocking employee access to Perplexity AI, one of the…
Artificial IntelligenceMatters ArisingTechnology

TikTok Ban Clears Significant Hurdle, While Perplexity AI Continues to Revolutionize Search

1 Mins read
TikTok Ban Clears Significant Hurdle, While Perplexity AI Continues to Revolutionize Search Well, if you are a big TikTok fan and live…
BusinessfinanceHeadlineTechnologyTelecom

Deloitte Unveils Exciting Technology, Media, and Telecom Forecasts for 2024

5 Mins read
Deloitte Unveils Exciting Technology, Media, and Telecom Forecasts for 2024 Deloitte, a leading global provider of audit and assurance, consulting, financial advisory,…

Leave a Reply

Your email address will not be published. Required fields are marked *