Microsoft confirms blunder results in user data leak

Misconfigured endpoint was leaking sensitive Microsoft data

A misconfigured Microsoft endpoint was exposing sensitive data about its customers to the wider internet, the company has confirmed.

The software giant said it was notified about the misconfiguration by threat intelligence firm SOCRadar in late September, and acted quickly to plug the hole.

Fortunately, the language used in the announcement seems to suggest that the data hadn’t been accessed by an unauthorized third party, hopefully meaning users are safe.

No viruses involved

“This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers,” the company said.

These interactions, the company further stated, revolved around planning, potential implementation, and provisioning of Microsoft services.

“Our investigation found no indication customer accounts or systems were compromised. We have directly notified the affected customers,” it added.

Further in the announcement, it was said that the data included customer names, email addresses, contents of the emails, company names, and phone numbers. Furthermore, the endpoint was leaking files related to the work done between clients, Microsoft, and/or authorized partners.

There were no vulnerability abuses, or malware, involved - it was simply an endpoint misconfiguration, Microsoft confirmed.

While the company was relatively stingy on details, SOCRadar was happy to provide more insight. In a new blog post, the company said the data resided on an Azure Blob Storage, and that more than 65,000 entities from 111 countries were exposed. The oldest files dated back to 2017.

“On September 24, 2022, SOCRadar’s built-in Cloud Security Module detected a misconfigured Azure Blob Storage maintained by Microsoft containing sensitive data from a high-profile cloud provider,” SOCRadar said. The data included “Proof-of-Execution (PoE) and Statement of Work (SoW) documents, user information, product orders/offers, project details, PII (Personally Identifiable Information) data, and documents that may reveal intellectual property.”

Microsoft played down SOCRadar’s findings, saying the company “greatly exaggerated” the scope of the issue and the numbers.

It also criticized SOCRadar for indexing the data and building a search portal for it, saying the move was “not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk."

SOCRadar’s analysis determined 2.4 TB of data were exposed, holding 335,000 emails, details on 133,000 projects, and 548,000 users.

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
