Microsoft Admits Data Breach but Blasts Group That Reported It

A threat intelligence firm has claimed tens of thousands of entities have been affected, but Microsoft disputes the claim.
Aaron Drapkin

Microsoft has confirmed that sensitive information pertaining to customers may have been exposed due to a misconfigured server. However, it has strongly disputed the claims made by the group that reported it.

While the risk of weak account credentials can be reduced with a password manager, misconfigured systems like this one present their own kind of threat to businesses.

Whilst Microsoft says there’s no indication that any customer accounts or systems were affected, it’s a stark reminder that even the largest companies are at risk.

Microsoft Systems Breached

SOCRadar, a threat intelligence organization, notified Microsoft in late September that the “sensitive data of 65,000+ entities in 111 countries” was leaked due to a misconfigured data bucket.

This week, Microsoft confirmed in a blog post that the issue “resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers.”

SOCRadar says in its own post that there were “more than 335,000 emails, 133,000 projects, and 548,000 exposed users within the leaks”.

Expanding on this, the intelligence firm said “POE documents, SOW documents, Invoices, Product orders, Product offers, Project details, Signed customer documents, POC (Proof of Concept) works, Customer emails, and Internal comments for customers” were exposed.

Is Microsoft Telling the Full Story?

Microsoft has held its hands up and accepted that the misconfigured server exposed data, but also suggested that SOCRadar “greatly exaggerated the scope of this issue.”

“Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users,” Microsoft says.

It added that while it takes the issue “very seriously”, it was also disappointed that SOCRadar inflated “the numbers involved”, even after this mistake was highlighted.

Microsoft also took the time to criticize SOCRadar’s decision to release a “search tool” to the public to sift through the data, claiming it is “not in the best interest of ensuring customer privacy or security”.

Threats to Businesses are Multiplying

Even if SOCRadar did inflate the number of Microsoft customers affected by the misconfigured server, data was exposed nonetheless.

Businesses can mitigate risks like weak account credentials with tech fixes such as password managers. But widespread reliance on systems and servers provided by other companies, as well as the proliferation of third-party apps and integrations, means it's hard to cover every entry point to your network.

That’s why it’s important to pick your partners wisely, educate your staff, and implement a zero-trust model wherever you can.


Aaron Drapkin is a Senior Writer at Tech.co. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol three years ago. As a writer, Aaron takes a special interest in VPNs and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, The Week, and Politics.co.uk covering a wide range of topics.
