That posting also confirmed that the exposure of the database started on December 5, 2019, as the result of misconfigured security rules, and was remediated on December 31. This may seem like no big deal in the overall scheme of things, but when you consider that Microsoft support scams are pretty rampant, it doesn't take a genius to work out how valuable such information would be to the fraudsters carrying out such attacks. However, the researchers say that many contained plain text data including customer email addresses, IP addresses, geographical locations, descriptions of the customer service and support claims and cases, Microsoft support agent emails, case numbers and resolutions, and internal notes that had been marked as confidential. The nature of the data appears to be that much of the personally identifiable information was redacted. When I say unsecured, I mean that the data was accessible to anyone with a web browser who stumbled across the databases: no authentication at all was required to access them, according to the Comparitech report. Incredibly, the unsecured Elasticsearch servers contained records spanning a period from 2005 right through to December 2019.
Those records were customer service and support logs detailing conversations between Microsoft support agents and customers from across the world. Paul Bischoff, a privacy advocate and editor at Comparitech, has revealed how an investigation by the Comparitech security research team uncovered no less than five servers containing the same set of 250 million records. What Microsoft customer records were exposed online, and where did they come from?
0 kommentar(er)
