• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Microsoft Misconfiguration Exposes Customer Data

You are here: Home / General Cyber Security News / Microsoft Misconfiguration Exposes Customer Data
October 20, 2022

Microsoft has verified that a misconfigured endpoint unintentionally leaked business enterprise and individually identifiable facts (PII) for some shoppers.

The tech giant reported it was informed about the incident by risk intelligence firm SOCRadar on September 24, and secured the endpoint before long after with authentication.

“This misconfiguration resulted in the possible for unauthenticated access to some business enterprise transaction facts corresponding to interactions involving Microsoft and future shoppers, these kinds of as the organizing or possible implementation and provisioning of Microsoft products and services,” it explained.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“The enterprise transaction data incorporated names, email addresses, email information, corporation name and phone numbers, and could have bundled hooked up information relating to organization among a customer and Microsoft or an authorized Microsoft lover.”

SOCRadar claimed in its own weblog post yesterday that as several as 65,000 “entities” across 111 international locations around the globe had been impacted by the leak. It mentioned that the incident stemmed from a misconfigured Azure Blob Storage bucket.

The firm acknowledged that Microsoft mounted the misconfiguration within just several hours.   

Nevertheless, the Redmond big claimed SOCRadar “greatly exaggerated” the measurement of the leak and took other actions not conducive to improving buyer security.

“Our in-depth investigation and evaluation of the data established exhibits duplicate facts, with many references to the identical emails, assignments, and consumers. We acquire this issue quite significantly and are disappointed that SOCRadar exaggerated the figures involved in this issue even after we highlighted their error,” it mentioned.

“More importantly, we are dissatisfied that SOCRadar has picked to launch publicly a ‘search tool’ that is not in the best curiosity of making sure consumer privacy or security and most likely exposing them to unwanted risk.”

It claimed all impacted clients have been notified by the business.


Some parts of this write-up are sourced from:
www.infosecurity-magazine.com

Previous Post: «new ursnif variant likely shifting focus to ransomware and data New Ursnif Variant Likely Shifting Focus to Ransomware and Data Theft
Next Post: These 16 Clicker Malware Infected Android Apps Were Downloaded Over 20 Million Times these 16 clicker malware infected android apps were downloaded over»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
  • How to Interpret the 2023 MITRE ATT&CK Evaluation Results
  • Iranian Nation-State Actor OilRig Targets Israeli Organizations
  • High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
  • Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
  • Mysterious ‘Sandman’ Threat Actor Targets Telecom Providers Across Three Continents
  • Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge
  • The Rise of the Malicious App
  • China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
  • Cyber Group ‘Gold Melody’ Selling Compromised Access to Ransomware Attackers

Copyright © TheCyberSecurity.News, All Rights Reserved.