It has been reported that Microsoft has confirmed that a misconfigured endpoint unintentionally leaked business and personally identifiable information (PII) for some customers. The tech giant said it was informed about the incident by threat intelligence firm SOCRadar on September 24, and secured the endpoint soon after with authentication.
Unfortunately, many of the data leaks we see these days are because of misconfigured Azure and Amazon Web Services data buckets, leading to leaks. As long as humans are involved in the configuration of such data buckets, we’ll continue to see leaks.
Luckily, the affected customer count is relatively low. However, the affected parties will need to keep a wary eye out for phishing attempts and such as bad actors could make use of the leaked information (names, email addresses, email content, company name and phone numbers) to attempt to glean more information from employees and executives of the affected customers.
Also commenting on the story is Paul Bischoff, Consumer Privacy Advocate at Comparitech:
Microsoft business customers and partners who were affected by the leak should be on the lookout for targeted phishing emails and text messages. Given that the parties involved are high-level employees, they are lucrative targets for CEO fraud and business email compromise. Although Microsoft hasn’t stated outright that the exposed data was actually stolen, our honeypot studies show misconfigured servers like these can be found and attacked within a matter of hours.