Microsoft disclosed a security breach that led to the accidental exposure of around 250 million customer support and service records, some containing personally identifiable information, between 05 and 31 December 2019. The exposure was caused by a misconfigured internal customer support database, which consisted of a cluster of five Elasticsearch servers, a technology used to simplify search operations.
Microsoft's security teams were working overtime to close a potentially enormous security loophole. On Thursday, the company disclosed a database error that temporarily left approximately 250 million customer service and support records accessible to anyone with a web browser. pic.twitter.com/usv4Bz7TPs
— Intel Ape (@IntelApe) January 23, 2020
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.