Expert Commentary: Unsecured Microsoft Bing Server Exposed Users’ Search Queries And Location

It was recently revealed that a back-end server associated with Microsoft Bing exposed sensitive data of the search engine’s mobile application users, including search queries, device details, and GPS coordinates, among others. The data leak, discovered by WizCase on September 12, is a massive 6.5TB cache of log files that was left for anyone to access without any password, potentially allowing cybercriminals to leverage the information for carrying out extortion and phishing scams. According to WizCase, the Elastic server is believed to have been password protected until September 10, after which the authentication seems to have been inadvertently removed.

Experts Comments

September 24, 2020
Chris DeRamus
VP of Technology Cloud Security Practice
Rapid7
When a breach like this occurs, an unsecured server is almost always the reason - especially an Elasticsearch server, which accounted for 44% of all records exposed in 2018 and 2019 due to cloud misconfigurations, and was also the most common database breached across all platforms (20%). In this instance, the password protection was removed, thereby allowing anyone who came across this database complete access. The software-defined nature of the cloud leads to frequent changes and it is.....Read More
When a breach like this occurs, an unsecured server is almost always the reason - especially an Elasticsearch server, which accounted for 44% of all records exposed in 2018 and 2019 due to cloud misconfigurations, and was also the most common database breached across all platforms (20%). In this instance, the password protection was removed, thereby allowing anyone who came across this database complete access. The software-defined nature of the cloud leads to frequent changes and it is important that organizations implement a continuous and automated cloud security strategy in order to detect and remediate threats such as misconfigurations and compliance violations in real-time. This incident exemplifies the importance of automating remediation processes to prevent unintended gaps in security. Automated cloud security solutions can grant organizations the ability to detect misconfigurations and alert the appropriate personnel to correct the issue, or even trigger automated remediation in real-time, so that databases and other assets never have the opportunity to be exposed, even temporarily. For businesses looking to solidify their security measures, automation is the simplest and most effective way to protect sensitive data. When a breach like this occurs, an unsecured server is almost always the reason - especially an Elasticsearch server, which accounted for 44% of all records exposed in 2018 and 2019 due to cloud misconfigurations, and was also the most common database breached across all platforms (20%). In this instance, the password protection was removed, thereby allowing anyone who came across this database complete access. The software-defined nature of the cloud leads to frequent changes and it is important that organizations implement a continuous and automated cloud security strategy in order to detect and remediate threats such as misconfigurations and compliance violations in real-time. This incident exemplifies the importance of automating remediation processes to prevent unintended gaps in security. Automated cloud security solutions can grant organizations the ability to detect misconfigurations and alert the appropriate personnel to correct the issue, or even trigger automated remediation in real-time, so that databases and other assets never have the opportunity to be exposed, even temporarily. For businesses looking to solidify their security measures, automation is the simplest and most effective way to protect sensitive data.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.