Misconfigured Microsoft database exposed 250 million customer service records

Shawn Knight

TechSpot Staff

The records contain conversations, logs and information between Microsoft support agents and customers from around the globe dating all the way back to 2005.

Comparitech said it found five Elasticsearch servers, each with a seemingly identical set of the 250 million records, on December 29, 2019 – just one day after they were indexed by search engine BinaryEdge.

Most personally identifiable information was redacted from the records, although many of them contained other information such as customer e-mail addresses, IP addresses, locations, descriptions of CSS claims and cases, support agent e-mails, resolutions and remarks, case numbers and internal notes marked as “confidential.”

Fortunately, Comparitech did the responsible thing and reached out to Microsoft about the matter. Redmond’s support team got right on it and had all of the vulnerable servers secured within 24 hours.

Even within that short window, there was opportunity for nefarious activity, although Comparitech said it is unsure whether any other unauthorized parties accessed the databases during that time.

In its own blog post, Microsoft held itself accountable, citing a change made to the database’s network security group on December 5, 2019, as the culprit. The company said the issue was “specific to an internal database used for support case analytics and does not represent an exposure of our commercial cloud services.”

Masthead credit: Microsoft by VDB Photos. Servers by Stock image.


Uncle Al

TS Evangelist
A more direct control would be to have any administrator that fails to secure their servers & databases face public execution. After the first or second one I think you'd see priorities get straightened out VERY quickly, plus we weed out the incompetent administrators making more jobs available to the unemployed ..... LOL
 

baskiria

TS Booster
A more direct control would be to have any administrator that fails to secure their servers & databases face public execution. After the first or second one I think you'd see priorities get straightened out VERY quickly, plus we weed out the incompetent administrators making more jobs available to the unemployed ..... LOL
Or there would be no one to run the system at all :p
 

BadThad

TS Maniac
Even scarier is MS cloud services. The sharing/passing of corporate LAN credentials has me very concerned.
 

Dosahka

TS Addict
Another day, another exposed database!
Well, it's not a US state using outdated Windows 7 with many vulnerabilities, having cybersecurity equal to a hot dog (with ketchup and/or mustard), then paying 1 million for ransomware, that's for sure.
 

ZedRM

TS Addict
So no need to fear w10 taking photos of you, recording sound, logging keystrokes and sending all this to MS. What could possibly go wrong?
Right? I mean, after all, Microsoft is such a trustworthy entity, isn't it.
(please note, severe sarcasm)
 

Markoni35

TS Maniac
Right? I mean, after all, Microsoft is such a trustworthy entity, isn't it.
(please note, severe sarcasm)
Don't worry, Google knows a lot more about you than Microsoft. You're carrying your personal spying device constantly with you, right? If not, that means you're hiding something, and that means you're a terrorist.

Oh, wait, it's not 2025. It's still allowed to walk on the street without carrying a personal spying device. For now.