Misconfigured Microsoft Endpoint exposed B2B customer data
Security researchers at SOCRadar informed Microsoft about a misconfigured data bucket that exposed 2.4 Terabytes of data to the public. The data includes sensitive information, including personally identifiable information, product orders and offers, project details, or statement of work documents, according to SOCRadar.
Microsoft protected the endpoint hours after being informed about it by the company. The data includes files dated from 2017 to August 2022. SOCRadar notes that the data includes information about more than 65,000 companies from 111 countries.
The company has created a search option on their website. A free account is required to search the data and find out if a particular company is affected.
Microsoft confirmed the data exposure issue on October 19th, 2022. According to Microsoft, it found no indication that customer accounts or systems were compromised. The misconfiguration had the potential that data was accessed by unauthorized entities.
The data that was accessible includes "names, email addresses, email content, company name, and phone numbers" according to Microsoft. Attached files, relating to "business between a customer and Microsoft or an authorized Microsoft partner" may also have been included. SOCRadar claims that the data includes sensitive information, including signed customer documents, customer assets documents, product price lists and more.
Impacted customers were notified by Microsoft, according to the statement.
A large part of the announcement on Microsoft's website is used to criticize SOCRadar and its handling of the incident. Microsoft claims that SOCRadar has "greatly exaggerated the scope" of the issue, stating that the data set includes duplicate information.
Microsoft expressed disappointment that SOCRadar released a public search tool, as it may expose customers to "unnecessary risk". SOCRadar should have implemented a system that is using verification to ensure that data is revealed only to users affected by the leak and that information is only displayed to the actual user.
Closing Words
Fact is, customer data was stored on an unprotected endpoint for a period of time. It is unclear if SOCRadar was the only entity that downloaded the data; Microsoft claims that it could not detect unauthorized access to the data.
Whether SOCRadar is overplaying the importance of the exposed endpoint and the data it contained, or Microsoft is trying to downplay the issue is difficult to say at this endpoint. Microsoft is obviously interested in protecting customer data, its reputation as a cloud security provider, and constraining the potential leak, SOCRadar in furthering its business through publicy.
Now You: what is your take on the situation?
EDIT: Don’t use anything Microsoft
Don’t use anything Microsoft (or Theranos) related if your scared about the safety of the products and services.
It feels like Microsoft is downplaying it by at least 75 percent and SOCRadar is trying to boost its place in the market.
When a company has headlined on its website like “SOCradar discovered one of the largest B2B leaks in recent years! READ NOW” I am convinced that the truth is somewhere in between.
It feels like the same quility as the headlines of the Englisch newspaper the Sun. https://www.thesun.co.uk/
Isn’t it about time we make it illegal for companies to hold data about clients in any system that isn’t air-gapped from the internet? I’ve certainly programmed enough corporate computing projects to understand that companies have to keep some amount of data on-line to make their line of business software useful, but there needs to be a way to create a hard block between this info and the outside world. And in addition, no data other than documented required data should be kept, and every data item should have a limited lifespan so it can’t live forever on any business system.
Poor little billionaire Bill, must be so happy that his child Microsoft hires from the reject pile these days. Its obvious in anything they do. Big ideas poor execution throughout.