Huge data leak at Microsoft: 65,000 companies affected
Sensitive customer data
A configuration error at Microsoft led to a massive data leak. Sensitive customer data from numerous companies was publicly accessible.
news
A configuration error at Microsoft apparently led to one in the past huge data leak. Sensitive customer data from numerous companies was temporarily unprotected and publicly accessible. That shared Microsoft in one blog entry With.
After a note from security researchers, which was received in September, Microsoft has secured the server again. Before that, however sensitive business data and customer information (including names, email addresses, email content, company names and phone numbers) from almost 65,000 companies have been in danger of being viewed by third parties.
Microsoft emphasizes that the error was not a security vulnerability. The issue was caused by an unintentional misconfiguration on an endpoint that is not used across the Microsoft ecosystem. Therefore also exist no danger for other data storage.
According to Microsoft’s own research, it should no hint have indicated that customer accounts or systems have been compromised by the bug. Nevertheless, they promise to improve their own processes in order to be able to prevent such problems in the future.
Microsoft disappointed by security researchers, finds numbers exaggerated
The company also emphasizes that they would have liked the security researchers to deal with the problem differently. You have the problem in Data Leak Report exaggerated and some data was counted several times and a search tool was set up for those affected, although this is not in the interest of data protection and customers.
Microsoft, on the other hand, has data subjects notified directly and how to contact Microsoft if you have any questions or problems. Anyone who did not receive such a message was therefore not affected by the data leak.
According to the experts, the data come from the years 2017 to 2022 as well as from 111 different countries. Viewed from the outside, it is difficult to judge whether the security researchers miscalculated their investigation or whether Microsoft is downplaying the situation. Ultimately, however, those affected have to rely on the information provided by Microsoft.
Continue to home page
Reference-www.pc-magazin.de