>
A misconfigured Microsoft endpoint was exposing sensitive data about Microsoft’s customers to the wider internet, the company confirmed in a press release published earlier this week. When he announced the news this Wednesday, the Redmond giant said he was notified of the misconfiguration by threat intelligence agency SOCRadar in late September and closed the gap shortly after.
The language used in the announcement seems to suggest that the data was not accessed by an authorized third party: “This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and potential customers.” the company said sadly. .
These interactions, the company said, revolved around planning, potential deployment and delivery of Microsoft services.
No viruses involved
“Our investigation found no indications that customer accounts or systems have been compromised. We have notified affected customers directly,” it added.
Further in the announcement, it was said that the data includes customer names, email addresses, content of the emails, company names and phone numbers. In addition, the endpoint leaked files related to the work being done between customers, Microsoft, and/or authorized partners.
There was no exploit of vulnerabilities or malware – it was just a misconfiguration of the endpoint, Microsoft confirmed.
Although the company was relatively careful with details, SOCRadar was happy to provide more insight. In a new blog post, the company said the data was on an Azure Blob Storage and more than 65,000 entities from 111 countries were exposed. The oldest files date from 2017.
“On September 24, 2022, SOCRadar’s built-in Cloud Security Module discovered a misconfigured Azure Blob Storage maintained by Microsoft that contains sensitive data from a leading cloud provider,” said SOCRadar. The data includes Proof-of-Execution (PoE) and Statement of Work (SoW) documents, user information, product orders/offers, project details, PII (Personally Identifiable Information (opens in new tab)) data and documents that may reveal intellectual property.”
Microsoft downplayed SOCRadar’s findings, saying the company had “greatly exaggerated” the magnitude of the problem and the numbers. BleepingComputer reports. It also criticized SOCRadar for indexing the data and building a search portal for it, saying the move was “not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risks. “
SOCRadar’s analysis revealed that 2.4TB of data was uncovered, containing 335,000 emails, details on 133,000 projects, and 548,000 users.
Through: BleepingComputer (opens in new tab)