Microsoft is in the news for another internet breach of its customer records. A database inventory of 250 million Microsoft customers’ records was exposed and left unsecure online. A development that gave unauthorized individual with no hacking skill or computer expertise access to 250 million customer records with any browser from any PC. These records had no password protection and no requirement for authentication, it was just there online for everyone to access.
Microsoft claims that the attack was as a result of misconfigured security rules on the server that contained Microsoft customer services and support data. This a second major data breach hitting Microsoft customer support system in one year. The first occurrence in April 2019, hackers used a customer support representative logins to breach and access the email accounts of several users. These attacks on the internal support systems don’t come as a surprise as they contain significant information of customers, making this section a top priority for hackers.
Bob Diachenko Microsoft Hero
Bob Diachenko Microsoft Hero
The catastrophic data breach on Microsoft internal support system was discovered on the 28th of December, 2019two days after it happened. It was then indexed by threat intelligence search engine BinaryEdge. The next day Bob Diachenko who is the head of the Comparitech security research team also discovered this breach. Quickly Bob Diachenko reported this security alert to Microsoft and it was fixed in two days.
Although Microsoft claims that there was no evidence of malicious use, yet one may wonder how detrimental it could be if such information of a server that included conversation logs spanning 14 years between Microsoft support personnel and customers from across the world had fallen into the wrong hands.
Customer Records Exposed
According to Bob, vital information that contained personally identifiable information such as customer email aliases, payment information, and contract numbers were obscure. Nevertheless, other records such as customer email addresses, IP addresses, locations, and conversations between support and customers.
Catastrophic Impact of of exposed data to Microsoft customers
Although personally identifiable information of the customer was unavailable, yet, the danger posed by this exposure is magnanimous. If these data had fallen to the wrong hands, such as tech support scammers it will be a regin of internet terror on the users. These logs and case information will give scammers more advantages in frauding their customers. Scammers could use the data to impersonate real Microsoft employees and referring to a real case number. They can easily obtain sensitive information or even possibly hijack a user device.
Bischoff was one of the few to cut Microsoft some slack from the heavy criticism it came under, he said “It’s a common mistake in any environment where data is stored,” He advised that security groups should set firewall rules that detect who can access certain data and from where. There should also be a regular auditing to ensure groups are always on their heels. There should be a mechanism such as alert systems to detect misconfiguration. Security units should be notified instantly of such breaches and the issues should be resolved quickly.