In its latest data breach, Microsoft has exposed nearly 14 years of customer service and support records, amounting to nearly 250 million records.
The breach was discovered by Comparitech’s security research team, which is headed by Bob Diachenko, who immediately informed Microsoft. The corporation took swift action; in total, the data was exposed from 28–31 December 2019.
Diachenko said: “I immediately reported this to Microsoft and within 24 hours all servers were secured. I applaud the MS support team for responsiveness and quick turnaround on this despite New Year’s Eve.”
What information was held?
Information held within the breached records included customer email addresses, IP addresses, locations, case and claim descriptions, confidential internal notes, customer case numbers, resolutions and remarks.
However, PII (personally identifiable information) was, for the most part, redacted.
Contacts now at risk
Although the majority of PII was omitted from the records, the data breach still presents risks to customers in terms of phishing and tech support scams.
Tech support scams involve a scammer impersonating a technical support agent and using details from the breached data to persuade the victim to install malware on their computer, after which the scammer steals their financial data.
Customers and users should remain vigilant and be aware of the possibility of phishing emails or phone calls (‘vishing’). Being approached by a Microsoft Support agent is the first warning sign: customers and users contact Microsoft for tech support when required; Microsoft doesn’t proactively reach out to them. Microsoft employees will also never ask for authentication credentials such as passwords, or ask you to install remote desktop applications like TeamViewer.
Learn how to detect and prevent phishing attacks
Put your staff to the test and find out how they handle phishing emails with our Simulated Phishing Attack. A security expert will send your employees a scam email and monitor how they respond.
You can use the results to pinpoint specific weaknesses, inform your cyber security strategy and show employees how serious the threat of phishing is.
This exposure came about as a result of misconfigured security rules on the server holding Microsoft’s customer service and support data. Other organizations should therefore put in place a mechanism that detects such misconfigurations in order to avoid similar incidents.
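As an added illustration of what such a detection mechanism can look like (this is example code written for this page, not Microsoft’s tooling and not the configuration involved in the incident), the script below lints a set of inbound network access rules and flags any that open a data-store or management port to the entire internet. The rule format, the list of sensitive ports and the sample rules are all constructed assumptions for the example; a real deployment would feed it the rules exported from your firewall or cloud security groups.

```python
"""Minimal misconfiguration detector for inbound network access rules.

Added example, not code from the original article or from Microsoft.
The rule fields, the SENSITIVE_PORTS table and SAMPLE_RULES are assumptions
made for this example; adapt them to the rule export of your own environment.
"""
import ipaddress

# Ports on which an internet-wide "allow" is almost never intentional.
# Assumption: a per-organisation list; these are common defaults.
SENSITIVE_PORTS = {
    22: "ssh", 3389: "rdp", 1433: "mssql", 3306: "mysql", 5432: "postgres",
    6379: "redis", 9200: "elasticsearch", 27017: "mongodb",
}

# Constructed sample rules in the assumed format (one dict per rule).
SAMPLE_RULES = [
    {"name": "web-https", "direction": "inbound", "action": "allow",
     "source": "0.0.0.0/0", "port_from": 443, "port_to": 443},
    {"name": "support-db", "direction": "inbound", "action": "allow",
     "source": "0.0.0.0/0", "port_from": 9200, "port_to": 9200},
    {"name": "admin-ssh", "direction": "inbound", "action": "allow",
     "source": "10.0.0.0/8", "port_from": 22, "port_to": 22},
    {"name": "legacy-any", "direction": "inbound", "action": "allow",
     "source": "::/0", "port_from": 0, "port_to": 65535},
]


def is_world_open(cidr: str) -> bool:
    """True if a source range covers the whole IPv4 or IPv6 internet."""
    net = ipaddress.ip_network(cidr, strict=False)
    return net.prefixlen == 0


def sensitive_ports_in(rule: dict) -> list:
    """Return (port, service) pairs from SENSITIVE_PORTS inside the rule's port range."""
    lo, hi = rule["port_from"], rule["port_to"]
    return [(p, name) for p, name in SENSITIVE_PORTS.items() if lo <= p <= hi]


def find_misconfigurations(rules: list) -> list:
    """Return (rule name, description) findings for internet-exposed rules.

    Only inbound 'allow' rules whose source is 0.0.0.0/0 or ::/0 are examined;
    a rule allowing every port yields one finding, otherwise one per sensitive port.
    """
    findings = []
    for rule in rules:
        if rule.get("direction") != "inbound" or rule.get("action") != "allow":
            continue
        if not is_world_open(rule["source"]):
            continue
        if rule["port_from"] == 0 and rule["port_to"] == 65535:
            findings.append((rule["name"], "all ports open to the internet"))
        else:
            for port, service in sensitive_ports_in(rule):
                findings.append((rule["name"], f"{service} ({port}) open to the internet"))
    return findings


if __name__ == "__main__":
    for name, problem in find_misconfigurations(SAMPLE_RULES):
        print(f"{name}: {problem}")
```

Run against the constructed sample, the checker reports the rule exposing port 9200 and the rule opening every port to the IPv6 internet, while the HTTPS rule and the SSH rule restricted to an internal range pass. Scheduling such a check against a nightly export of access rules, and alerting on any new finding, is the kind of mechanism the article recommends.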