Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
Microsoft data breach overview:
- Who: Microsoft revealed that a misconfigured internet-accessible Microsoft server exposed some of its customers’ sensitive information.
- Why: Microsoft said an “unintentional” misconfiguration on an endpoint “not in use” in its ecosystem caused the data breach.
- Where: Microsoft is used by consumers nationwide.
Microsoft disclosed to the public yesterday that some sensitive customer information was exposed due to a misconfigured internet-accessible Microsoft server.
In a blog post, the tech company says it “quickly secured” the endpoint of the misconfigured server after security researchers at Tech Intelligence Firm SOCRadar notified it of the data leak on Sept. 24.
The misconfiguration led to the “potential for unauthenticated access” to certain business transaction data that corresponds to interactions between Microsoft and its prospective customers, according to the Microsoft data breach blog post.
“The issue was caused by an unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem and was not the result of a security vulnerability,” Microsoft says in the post.
Microsoft also reassured consumers that it didn’t find any indication that any customer accounts or systems were compromised due to the misconfigured server and that it contacted any affected customers directly.
Microsoft data breach includes names, email content, among other things
Data exposed in the Microsoft data breach included customer names, email content, company names and phone numbers and email addresses, Microsoft says in the blog post. It “may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner,” according to the company.
Microsoft says that it is “working to improve our processes” to avoid similar types of misconfigurations going forward as well as “performing additional due diligence to investigate and ensure the security of all Microsoft endpoints.”
Consumers or organizations who did not receive a Message Center communication from Microsoft about the breach are not impacted by the issue, according to the company.
In June, Microsoft announced that it would be officially retiring its Internet Explorer web browser while redirecting its users to Microsoft Edge.
Have you had your personal information exposed by the Microsoft data breach? Let us know in the comments!
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
153 thoughts onMicrosoft data breach compromises customers’ sensitive information due to misconfigured server
add me
Please add me
Please add me
Please add me
add me
please add
Add me please
Add me
I had my computer hacked so much it finally crashed and I cant retrieve non of my photos or get into anything on it. My bank accounts have been hacked led and all my money drain and its not been replaced ar all
I’ve just been told about this breach happening from a friend who mentioned it to me after I shared the strange activity I told him I was noticing and then text messages and emails multiple times with codes in them along with stating it’s for a request to update personal information on an account I’d like to be part of this lawsuit if it moves forward so that the ones affected can file a claim for the problem’s this breach caused
So strange I saw this today because two days ago I received a code one time access code from Microsoft like somebody was trying to access some account from Microsoft. What in the hell