News

Microsoft data leak: data from more than 65,000 companies public

A massive Microsoft data leak made around 2.4 TB of data from more than 65,000 companies publicly visible for a while. The reason was an incorrectly configured server. In the meantime, however, the gap has been closed again.

Microsoft data leak: 65,000 companies affected

Around 2.4 terabytes of sensitive data from over 65,000 companies were unprotected and publicly viewable in a Microsoft data leak. The reason was a configuration error on a server, Microsoft said in a blog post.

Sensitive data such as user information, product orders and offers, project details, personal data and private documents were visible. 65,000 companies from 111 countries were said to be affected, according to the report by security firm SOC Radar.

Microsoft, however, clarifies that the bug is not a security vulnerability. The leak is due to a misconfiguration in a final product, which is not used in the entire Microsoft ecosystem. Therefore, other data stores were not affected and there was no risk, he said.

SOC Radar had already informed the company about the data leak on September 24, whereupon it was immediately closed by Microsoft. Now, access to the data is only possible from use who have the appropriate authentication.

Microsoft considers numbers exaggerated

“We appreciate that SOC Radar informed us about the misconfigured endpoint, but after reviewing their blog post, we first want to note that SOC Radar massively exaggerated the extent of the problem,” Microsoft elaborates.

According to the company’s own investigation, the analysis of the data revealed many duplicates referring to the same emails, projects and users. Microsoft also criticizes the public search tool set up by the security company. It was not in the spirit of data security for customers, it said.

According to the experts, the Microsoft data leak included data from 2017 to 2022. Affected companies were informed via the Message Center tool. Those who did not receive a message there were and are therefore on the safe side.

In February 2022, it became known that an old and critical vulnerability in Microsoft Windows could still be exploited. In May, a critical zero-day vulnerability in Microsoft Office was also discovered.

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.

Related Articles

Neue Antworten laden...

Avatar of Basic Tutorials
Basic Tutorials

Gehört zum Inventar

7,887 Beiträge 2,106 Likes

A massive Microsoft data leak made around 2.4 TB of data from more than 65,000 companies publicly visible for a while. The reason was an incorrectly configured server. In the meantime, however, the gap has been closed again. Microsoft data leak: 65,000 companies affected Around 2.4 terabytes of sensitive data from over 65,000 companies were … (Weiterlesen...)

Antworten Like

Back to top button