acm-header
Sign In

Communications of the ACM

Home/News/Microsoft Discloses Security Breach of Customer Support.../Full Text
ACM News

Microsoft Discloses Security Breach of Customer Support Database

By ZDNet
January 23, 2020
Comments
View as: Print Mobile App Share:
A negative image of Microsoft

Microsoft has disclosed a security breach that took place in December 2019.

Credit: ZDNet

Microsoft disclosed today a security breach that took place in December 2019.

In a blog post today, the OS maker said that an internal customer support database that was storing anonymized user analytics was accidentally exposed online without proper protections between December 5 and December 31.

The database was spotted and reported to Microsoft by Bob Diachenko, a security researcher with Security Discovery.

The leaky customer support database consisted of a cluster of five Elasticsearch servers, a technology used to simplify search operations, Diachenko told ZDNet today. All five servers stored the same data, appearing to be mirrors of each other.

Diachenko said Microsoft secured the exposed database on the same day he reported the issue to the OS maker, despite being New Year's Eve.

 

From ZDNet
View Full Article

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account