"Microsoft Exposed 250 Million Customer Support Records"

Researchers discovered that more than 250 million customer service and support records were exposed by Microsoft over two days in December 2019 due to a server misconfiguration. The records included logs of exchanges between Microsoft’s customer support and its customers, spanning a 14- year period from 2005 to 2019. Most of the sensitive personally identifiable information was redacted, but there were still some things that were in plain-text form. These records included IP addresses, locations, internal notes which were marked “confidential”, customer email addresses, descriptions of customer service support claims and cases, Microsoft support agent emails, case numbers, resolutions, and remarks. The researchers notified Microsoft immediately when found. Microsoft then immediately secured the data and started an investigation within two days of being notified. Microsoft has detected no malicious use of the leaky servers that the records were on.

WeLiveSecurity reports: "Microsoft Exposed 250 Million Customer Support Records"

Submitted by Anonymous on Thu, 01/23/2020 - 12:40