Microsoft exposes 250 million customer records

Microsoft disclosed a security breach caused by a misconfigured internal customer support database that led to the accidental exposure of roughly 250 million customer support and service records, some of them containing personally identifiable information.

The database was storing anonymized user analytics and was accidentally exposed online between December 5 and December 31. Microsoft said the issue was specific to the support database and does not reflect an exposure of its commercial cloud services. Per company policy, information stored in the database was redacted to remove personal information, Microsoft said.

"Our investigation confirmed that the vast majority of records were cleared of personal information in accordance with our standard practices," Microsoft wrote in a blog post. "In some scenarios, the data may have remained unredacted if it met specific conditions."

This presents not just a phishing risk but a valuable collection of data for tech support scammers who impersonate call center agents from Microsoft and other companies to install malware on victim machines and steal financial data.

Read more -here-

• John Deere says solar storm compromised GPS tracking on tractors
• Dell confirms database hacked - hacker says 49 million customers hit
• Google releases emergency fix for new Chrome zero-day flaw
• Disney+, Hulu and Max team up for streaming bundle package
• OpenAI is reportedly working on a search feature for ChatGPT
• TikTok, ByteDance sue to block US law seeking sale or ban of app