Microsoft entered into a new scandal today after databases with information about hundreds of millions of people could be accessed without restrictions from the Internet, the security problem being quite serious. We are talking about five servers with databases that had 250 million entries with information such as IPs, email addresses of Microsoft customers, and not only that, they were exposed for about a day to anyone who knew their address.
Microsoft exposed on the Internet 250 million data entries for customers who asked the company for help with various problems they had with its products over time. Although the security breach is an extremely serious one, the Microsoft company claims that people's personal data would not have been freely accessible, although the email address is not exactly non-personal information, but it would not have been about phone numbers , or physical addresses.
Microsoft: Data of HUNDREDS OF MILLIONS of People EXPOSED on the Internet
Microsoft was warned about this problem right on New Year's Day, and according to those who discovered it, it was solved just a few hours after it was reported. The problem is that those data were accessible to anyone between December 5 and 31, 2019, so hackers scanning Microsoft's network could have discovered and downloaded those databases without problems during this time, as they were also discovered by researchers.
“Today, we closed an investigation into a misconfiguration of an internal customer support database used to analyze Microsoft support cases. While the investigation found no malicious use, and while most customers did not have personally identifiable information exposed, we want to be transparent about this incident with all customers and ensure that we take it very seriously and take responsibility."
Microsoft started today to notify the customers whose data was exposed as part of this security breach, especially since in the case of some it seems that the information was not completely redacted by the company. Moreover, the people from Microsoft tell people whether the data that was exposed together with the database was used for a malicious purpose until now, or not, but the company can't even know anyway manipulated information.
Microsoft he acknowledged the problem through a post on his official blog, and offered explanations for the whole situation there, but it is unlikely that the affected people will get over this problem very easily.
