Microsoft server configuration error leaks customer data

Jan

Microsoft server configuration error exposes customer names, emails, and phone numbers

Microsoft has confirmed that some of its customers' personal information has been exposed by an unintentionally misconfigured server that allowed unauthenticated access to business transaction data.

The tech giant confirmed that it secured the server after cybersecurity researchers at SOCRadar notified it of the leak on 24 September 2022.
 
Every month there is a story like this. But where is the accountability? Issue some fines to these companies, get the people responsible for this fired. Nope, just sorry, won't happen again.
 
The contrasting writeups from MS and SOCRadar on the issue are remarkable.
 
MS disagree with the scope, and also took the position that the endpoint was not in use.


Customer Impact

The business transaction data included names, email addresses, email content, company name, and phone numbers, and may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner. The issue was caused by an unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem and was not the result of a security vulnerability.  We are working to improve our processes to further prevent this type of misconfiguration and performing additional due diligence to investigate and ensure the security of all Microsoft endpoints. 

We appreciate SOCRadar informing us about the misconfigured endpoint, but after reviewing their blog post, we first want to note that SOCRadar has greatly exaggerated the scope of this issue. Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users. We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error.

MS should sue to set the record straight ;)
 
Thanks for the link. Giving it a read!

You would need to read MS's side as well. The issue is transparency. SOCRadar may very well have audited duplicated records; how and why these datasets were duplicated, I don't know. There are reasons to have duplicates... but I won't know what is applicable in this case.

The question also needs to be raised whether MS is honest or whether they are doing damage control, possibly both. These vulnerabilities are an extreme risk, and would need to be mitigated. This is a very damaging claim made by SOCRadar.

Regardless, MS did give notice that impacted customers have been contacted and provided with instructions, which is an appropriate reaction. In the case MS deems this internally malicious by SOCRadar, the ‘exaggerated’ claims, they will sue, otherwise it is all PR. SOCRadar will also maximise this exposure promotionally. That blog is marketing.

I have been long enough in this business to know how any service provider reacts to claims like these.
 
They definitely would. They're consuming their own Azure services which are misconfigured which would have security/reputational damage for them, and a push to fix it ASAP.
Not like our lot here that keep very quiet about things until you find out by chance your data has been leaked.
 