Heimdal
article featured image

Contents:

Microsoft confirms that they have been the victim of a data breach, which allowed threat actors to gain access to the personal information of some customers. The cause of the breach seems to be a misconfigured Microsoft server accessible over the Internet, security researchers claim.

Details on the Breach

In a statement released on October 19th, Microsoft declared that threat actors managed to infiltrate their systems and steal customers’ information from some old business transactions due to the misconfiguration of the endpoint.

This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services,

Source

Luckily, security experts located the origin of the breach and upon being notified of the misconfiguration, Microsoft secured the endpoint, making it accessible only with the required authentication. As per BleepingComputer, an internal investigation was started to find whether or not customer accounts or systems were compromised, but fortunately, this was not the case. The affected customers were directly notified by the company.

Data of 65,000 Customers Allegedly Leaked

While Microsoft refrained from providing any information regarding the number of customers affected by the data leak, security researchers claim that more than 65,000 entities from 111 countries were victims of the data breach.

Names, email addresses, email content, company names, phone numbers, and files related to transactions between the impacted customers and Microsoft or an approved Microsoft partner are among the information that was exposed, according to Microsoft.

The information was stored in files dated from 2017 to August 2022 on Azure Blob Storage. After conducting an analysis, researchers claim that the leaked data includes Proof-of-Execution (PoE) and Statement of Work (SoW) documents, product orders/offers, project details, PII (Personal Identifiable Information) data, and documents that may reveal intellectual property.

Microsoft is working on improving its processes to further prevent this type of misconfiguration from happening again.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.

Author Profile

Cristian Neagu

CONTENT EDITOR

linkedin icon

Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE