Another day, another data breach but this time it involves the technology giant Microsoft. Apparently, the company exposed sensitive Customer Service and Support (CSS) records including conversations between Microsoft support agents and customers around the world.
These records were stored on a database indexed by the BinaryEdge search engine. In total Microsoft exposed 14 years’ worth of data with 250 million CSS records. This means records from 2005 to December 2019 were leaked online and left without any security authentication allowing the public to access it with just a web browser.
See: Microsoft’s new tool detects & reports pedophiles from online chats
The data was discovered by CompariTech’s Bob Diachenko, a security researcher known for identifying exposed databases and reporting them respective owners to protect them from malicious access/use.
According to the company’s blog post, the data was left exposed for two days and contained a trove of sensitive information including:
1: Email IP addresses of Microsoft’s agents and customers2: Location details of Microsoft’s customers3: IP addresses of Microsoft’s customers4: Descriptions of CSS claims and cases5: Case numbers, resolutions, and remarks6: Internal notes marked as confidential.
What’s noteworthy is that these records were exposed in clear-text format meaning it didn’t require any decryption. This type of leak is ideal for malicious hackers and online scammers who can use the data for million microsoft customer support records leaked plain
