Server Misconfiguration Leads to Microsoft’s Data Leak
Responding to their vendor’s blog post reporting a data leak, Microsoft informed the press on October 12, 2022 that an unspecified amount of data, which included personal information such as phone numbers and email addresses, was recently made accessible across the internet because of a server configuration error.
SOCRadar is Microsoft’s authorized security vendor. According to SOCRadar, the data of more than 65000 companies was exposed, but Microsoft claimed in their own post that SOCRadar’s claims were exaggerated.
The server configuration error occurred on September 24, 2022, following which, the affected server was quickly reconfigured. For a short time, this data, consisting of Microsoft’s correspondence with its clients, could be accessed without requiring any authentication, leading to the assumption that it could have been compromised.
According to SOC Rader, a single misconfigured data bucket was the reason for the data exposure. The size of the data was a whooping 2.4 TB, which belonged to companies from around 111 countries across the globe. The data set included files between the year 2017 and 2022.
Microsoft said in their blogpost: “We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error.” They further added that the exposure did not show any vulnerability since it was caused by a misconfiguration and that the exposed data included many duplicate sets of information, therefore the number of affected companies was far lower than claimed by SOCRadar.