The tech site Betanews reports that data from 250 million Microsoft customer support cases was accessible on the internet for years without protection. The data was on five servers that the security research team from Comparitech discovered.
Microsoft Files Had Been Edited Or Removed
The conversations between Microsoft support staff and their customers were stored on the servers. The records range from 2005 to December 2019. Access to the files was not password-protected, and the data was not encrypted. Anyone who discovered the files on the servers could read them in a browser. Most of the personal information about Microsoft customers in the files had been edited or removed. Nevertheless, the files still contained a lot of sensitive data in plain text: customer email addresses, IP addresses, case descriptions, Microsoft support emails and internal notes.
Comparitech reportedly discovered the data in December 2019 and immediately informed Microsoft. By December 31, Microsoft had secured the files against unauthorized access and begun investigating the incident. Microsoft has published information about the incident. According to Microsoft, an incorrect configuration was the reason for the disclosure of the Microsoft support files. The problem: cyber gangsters could have captured the Microsoft data and used it for phishing attacks.
According to Microsoft, an internal customer support database was configured incorrectly. Microsoft used this database to analyze support cases. Microsoft says its investigation found no evidence that hackers have already exploited this data. Microsoft emphasizes that user-related data stored in this database is automatically removed. In individual cases, however, this removal may not take place. In such cases, Microsoft will inform the affected users.