Microsoft admits 250 million Customer Support records exposed online
By MYBRANDBOOK
Microsoft has admitted that a security incident has exposed nearly 250 million "Customer Service and Support" (CSS) records on the Internet. It is due to a misconfigured server containing logs of conversations between its support team and customers.
Cybersecurity researcher Bob Diachenko has spotted the unprotected database and reported to Microsoft. The logs contained records from the year 2005 to December 2019.
In a blog post, Microsoft confirmed that it is due to misconfigured security rules added to the server in question on December 5, 2019, enabled exposure of the data, which remained the same until engineers remediated the configuration on December 31, 2019.
Microsoft also said that the database was redacted using automated tools to remove the personally identifiable information of most customers, except in some scenarios where the information was not the standard format.
"Our investigation confirmed that the vast majority of records were cleared of personal information in accordance with our standard practices," Microsoft said.
However, according to Diachenko, many records in the leaked database contained readable data on customers, including their email addresses, IP addresses, Locations, Descriptions of CSS claims and cases, Microsoft support agent emails, Case numbers, resolutions, and remarks, Internal notes marked as "confidential."
"This issue was specific to an internal database used for support case analytics and does not represent an exposure of our commercial cloud services," Microsoft said.
As a result of this incident, the company said it began notifying impacted customers whose data was present in the exposed Customer Service and Support database.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
OPTIEMUS INFRACOM
TVS ELECTRONICS LTD.
WIPRO LTD.
FRESHWORKS TECHNOLOGIES PVT. LTD.
Technology Icons Of India 2023: Rajiv Memani
As Chair of the EY Global Emerging Markets Committee, Rajiv connects e...
Technology Icons Of India 2023: Debjani Ghosh
Debjani Ghosh is the first woman president of NASSCOM (the umbrella bo...
Technology Icons Of India 2023: Kulmeet Bawa
Kulmeet Bawa resides as President & Managing Director, SAP Indian subc...
CERT-IN protecting the cyber security space of India
CERT-In serves in the area of cyber security threats like hacking and ...
C-DOT enabling India in indigenous design, development and production of telecom technologies
An autonomous telecom R&D centre of Government of India, Center of Dev...
TCIL continues to strengthen India with its technology expertise
TCIL undertakes consultancy & turnkey projects in the field of Telecom...
INFLOW TECHNOLOGIES PVT. LTD.
Inflow Technologies is a niche player in the IT Infrastructure Distrib...
FORTUNE MARKETING PVT. LTD.
Delhi based Fortune Marketing, An ISO 9001:2008 company, distributes ...
EXCLUSIVE NETWORKS SALES INDIA PVT. LTD.
Exclusive Networks is a globally trusted cybersecurity specialist hel...