Microsoft customer support database exposed online

Exposure was the result of misconfigured Azure security rules

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsofthas disclosed a security breach where an internal customer support database was exposed online last month.

The software giant provided further details on the security breach in a blog post in which it said that the database was storing anonymized user analytics and was accidentally exposed online between December 5 and December 31.

Security researcher at Security Discovery,Bob Diachenkofirst discovered the database and reported it to Microsoft. The company quickly secured the exposed database on the same day he reported the issue, despite the fact that he did so on New Year’s Eve.

According to Diachenko, the customer support database contained a cluster of fiveElasticsearch serversthat are used to help simplify search operations. All five servers stored the same data as they appear to be mirrors of each other.

Exposed database

The servers storing Microsoft’s customer support database contained almost 250m entries including information such as email addresses, IP addresses and support case details. Thankfully though, most of the records did not contain anypersonal user informationaccording to the company’sblog post, which reads:

“As part of Microsoft’s standard operating procedures, data stored in the support case analytics database is redacted using automated tools to remove personal information. Our investigation confirmed that the vast majority of records were cleared of personal information in accordance with our standard practices. In some scenarios, the data may have remained unredacted if it met specific conditions. “

If users filed out customer support requests using non-standard formatted data, then that data was not detected and redacted but remained in the exposed database. Microsoft has already begun notifying impacted customers though the company has “found no malicious use” of the data.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

According to the company, the accidental server exposure was the result of misconfigured Azure security rules it deployed on December 5 which have now been fixed.

ViaZDNet

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

AMD just outsold Intel in the data center space for the first time ever

The UK government wants to help businesses make trustworthy AI products

Apple iMac 24-inch M4 (2024) review: the best, and most colorful, all-in-one computer levels up