Login

Register

Login

Register

Configuration Error Reveals 250 Million Microsoft …



Some the records, found on five identically configured servers, might have contained data in clear text.

Researchers have found five servers revealing almost 250 million Customer Service and Support (CSS) records. Each server contains what appears to be the same set of data stored, with no security or authentication. In a blog post, Microsoft acknowledged the exposure and blamed it on misconfigured security rules after changes made in early December.

A security research team at Comparitech, led by Bob Diachenk, discovered the five Elasticsearch servers in late December. According to Microsoft, the vast majority of the records had all personally identifiable information redacted through automated processes, though the company admitted that some records with unusually formatted data might have contained data in clear text.

In the blog post revealing its research, Comparitech noted that Microsoft acted quickly to secure the servers, completing the action within 24 hours of notification.

Read more here and here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

More Insights





Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW