Data leak: Microsoft support database with customer data open on the net

Data leak: Microsoft support database with customer data open on the net

After the change to the customer’s database, some of the sensitive information obtained with the help of Microsoft was freely accessible in-direct text over the Internet. It is said to have recorded about 250 million call centre records over the last 14 years.

Microsoft now revealed in a blog post. It says the company had unauthorized access to its customer support database. The trigger was a misconfiguration of the database, which, for some 250 million users, included contact data and internal Microsoft notes.

suppport scam website

The data leak was discovered by an external security researcher: Bob Dyachenko’s team discovered this database in late December and reported it to Microsoft. There he quickly assumed that public access had been cancelled.

Microsoft has not yet detected any abuse

According to Microsoft, the database containing the supporting documentation was incorrectly configured on December 5, which was noticed only three weeks later. The software giant has now completed an investigation into the incident, it states in a blog post and continues:

“Although this investigation did not identify any abusive use and most users did not disclose any personal data What we do not want is to make this incident transparent – to assure all users and to them that we take it very seriously and feel responsible for it.

READ ALSO:   how to get social networks to moderate content

scam

In the media, however, the data leak and its results are presented in a very different way: as stated, some data in the database was stored in plain text. It is said to contain information such as email addresses of customers and support staff, IP addresses, locations, case numbers and secret entry notes.

This information came from the investigating team who reported the problem. All of this customer data can be used by malicious actors accordingly, for example, Microsoft now specifically pretends to be Microsoft Support employees to deceive customers.

An increase in support scams is now feared, which could be fed with the original data of the customers.

Phishing emails and support scam websites

pishing website emails

scam emails

In the media, however, the data leak and its results are presented in a very different way: as stated, some data in the database was stored in plain text. It is said to contain information such as email addresses of customers and support staff, IP addresses, locations, case numbers and secret entry notes.

This information came from the investigating team who reported the problem. All of this customer data can be used by malicious actors accordingly, for example, Microsoft now specifically pretends to be Microsoft Support employees to deceive customers.

Winfuture.de

Also Read: 

Intel Tiger Lake processor new U GeekBench running points exposure: single-core 1400 tie 3950X

Microsoft is working on a new tool for the PowerToys system

1 thought on “Data leak: Microsoft support database with customer data open on the net

  1. Such news always makes you think about what information about yourself to share on the Internet, in e-mails or electronic transaction services. Fortunately, this leak didn’t get any worse. The most important asset of the various ISPs is trust, and any leaks will undermine that trust.

Leave a Reply

Your email address will not be published.