Over the December holiday period you were more than likely kicking back and enjoying your hard-earned rest. Microsoft had no such luxury.
The Redmond software giant reported on Wednesday this week that it had concluded an investigation following an incident where a misconfiguration of an internal customer support database left customer data exposed.
The exposed data was discovered by a Comparitech security research team led by Bob Diachenko. The team says that it discovered five Elasticsearch servers, each containing an identical set of 250 million records.
The discovery was made on 29th December 2019 and Comparitech says that Microsoft had secured the servers by no later than 31st December 2019.
“I immediately reported this to Microsoft and within 24 hours all servers were secured,” Diachenko said in a statement.
“I applaud the MS support team for responsiveness and quick turnaround on this despite New Year’s Eve,” the team leader added.
It’s a good thing Microsoft responded so quickly, as Comparitech states the database contained sensitive information including email addresses, IP addresses, locations, confidential internal notes and more. Microsoft says that much of the data had been cleared of personal information, but it is contacting customers who may have had their data contained in the database.
This data could be used by tech support scammers.
“Microsoft customers and Windows users should be on the lookout for such scams via phone and email. Remember that Microsoft never proactively reaches out to users to solve their tech problems—users must approach Microsoft for help first. Microsoft employees will not ask for your password or request that you install remote desktop applications like TeamViewer. These are common tactics among tech scammers,” advises Comparitech.
Microsoft has apologised to its customers and said it is working diligently to prevent this from happening again.