Microsoft Exposes 250M Customer Support Records On Leaky Servers – Experts Comments

Microsoft disclosed a security breach that led to the accidental exposure of around 250 million customer support and service records, some containing personally identifiable information, between 05 and 31 December 2019. The exposure was caused by a misconfigured internal customer support database, which consisted of a cluster of five Elasticsearch servers, a technology used to simplify search operations.


EXPERTS COMMENTS
Roger Grimes, Data-driven Defence Evangelist ,  KnowBe4
January 23, 2020
There are multiple layers of controls and education designed to stop it from happening.
This is a fairly common type of hack. Overly permissive permissions abound on servers and cloud products all over the Internet. Having worked for Microsoft for 15 years, 11 years as a full-time employee, I’ve seen firsthand how much they try to fight scenarios like this. There are multiple layers of controls and education designed to stop it from happening. And it shows you how hard it is to pre ....
[Read More >>]
Leigh Anne Galloway, Cybersecurity Resilience Lead,  Positive Technologies
January 23, 2020
If you receive an email that looks to be from Microsoft support, don’t open it – contact customer services instead.
This incident shows that even the smallest misconfiguration error can place large amounts of consumer data at risk. Microsoft should be applauded for its swift response, even during the holiday season. With email addresses and knowledge that a consumer contacted Microsoft support, cybercriminals can launch targeted spear-phishing attacks that could have high success rates, so anyone that has been ....
[Read More >>]
Vinay Sridhara, CTO,  Balbix
January 23, 2020
There have been countless exposures of critical data over the past couple of years.
Yet another cybersecurity prophecy has become reality, with Matthew Rathbun, CISO for Azure Government stating, "Ninety percent of my threat landscape starts with a human, either maliciously or inadvertently, making a mistake that somehow compromises security." Despite spending over $1 billion annually on cybersecurity, Microsoft has exposed data on 250 million customers by exposing several databa ....
[Read More >>]
Chris DeRamus , VP of Technology Cloud Security Practice,  Rapid7
January 23, 2020
Microsoft must ensure that their security team understands that incorrectly configured policies can result in costly damages.
Misconfiguring a cloud server can have massive consequences, especially when the server contains hundreds of millions of customers’ records. Aside from this incident with Microsoft, we have seen misconfigured Elasticsearch servers become an increasingly common culprit that recently caused data leaks at companies including Rubrik, Voipo, Gearbest, Meditab, and Dow Jones. What sticks out about t ....
[Read More >>]
Ekaterina Khrustaleva, COO,  ImmuniWeb
January 23, 2020
The data is a gold mine for patient criminals aiming to breach large organizations and governments.
Assuming the data was not exploited by malicious actors as per the official statement, there is not much practical risk so far. However, it is impossible to say whether the information from this server, or other presumably existing servers, has ever been detected and stolen by cybercriminals. The absence of PII* in the dump is irrelevant here, given that technical support logs frequently expose V ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article