Total Tests:

Microsoft exposes 250m customer records

By Admire Moyo for ITWeb
Thursday, January 23, 2020

Over the New Year, software giant Microsoft exposed nearly 250 million customer service and support (CSS) records on the Web.

Ekaterina Khrustaleva, COO of Web security company ImmuniWeb, comments: “Assuming the data was not exploited by malicious actors as per the official statement, there is not much practical risk so far.

“However, it is impossible to say whether the information from this server, or other presumably existing servers, has ever been detected and stolen by cyber criminals.”

Khrustaleva says the absence of personally identifiable information in the dump is irrelevant here, given that technical support logs frequently expose VIP clients, their internal systems and network configurations, and even passwords.

“The data is a gold mine for patient criminals aiming to breach large organisations and governments,” she notes.

“Worse, many large companies and not only Microsoft have lost visibility of their external attack surface, exposing their clients and partners to significant risks. We will likely see a multitude of similar incidents in 2020.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
Your data will stay private and confidential