Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies' Data Leak

Tue, 01 Nov 2022 2:26:00 Dan

Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication.

"This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," Microsoft said in an alert.

Microsoft also emphasized that the B2B leak was "caused by an unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem and was not the result of a security vulnerability."

The misconfiguration of the Azure Blob Storage was spotted on September 24, 2022, by cybersecurity company SOCRadar, which termed the leak BlueBleed. Microsoft said it's in the process of directly notifying impacted customers.

The Windows maker did not reveal the scale of the data leak, but according to SOCRadar, it affects more than 65,000 entities in 111 countries. The exposure amounts to 2.4 terabytes of data consisting of invoices, product orders, signed customer documents, and partner ecosystem details, among others.

"The exposed data include files dated from 2017 to August 2022," SOCRadar said.

Microsoft, however, has disputed the extent of the issue, stating the data included names, email addresses, email content, company name, and phone numbers, and attached files relating to business "between a customer and Microsoft or an authorized Microsoft partner."

It also claimed in its disclosure that the threat intel company "greatly exaggerated" the scope of the problem as the data set contains "duplicate information, with multiple references to the same emails, projects, and users."

More at https://thehackernews.com/2022/10/microsoft-confirms-server.html

About the author


Dan


I'm a long-time user and enthusiast of open source software and espouse the philosophy that software code should be open (readable), so that everyone can see what happens behind the scenes while we use our electronic devices every day.