This Wednesday (19), Microsoft confirmed Sensitive consumer information exposed due to a misconfigured server. The flaw was discovered by SOCRadar researchers and reported to the company on September 24, which soon fixed the issue.
According to SOCRadar, “Sensitive data from 65,000 entities has been made public” due to misconfigured server. may fail Microsoft disclosed customer information from more than 150,000 companies in 111 countries.
Microsoft pointed out it wasn’t a security breach and that’sm customer accounts or systems compromised. The company has also reached out to affected customers to resolve the issue.
Stating that the data that may have been accessed include the names, addresses and contents of the emails, company names, phone numbers, Microsoft said it “may also include business-related attachments between the customer and Microsoft or an authorized partner.” ”.
High or exaggerated numbers?
“The defect resulted from misconfiguration on an endpoint server that was not used in the Microsoft ecosystem and was not the result of a security vulnerability,” the company said in a statement, which continues to investigate the case.
SOCRadar claims to have found a total of 2.4TB of data on the Microsoft server in question, including information such as 335,000 emails, 133,000 projects, and 548,000 users, in its analysis so far.
Microsoft, for its part, claims that SOCRadar’s disclosed data is “exaggerated” regarding the issue at hand. The company also claims to have found duplicate information during its analysis.
Source: Tec Mundo
