Microsoft disclosed a security breach today that took place last month in December 2019. In a blog post today, Microsoft announced an investigation of a misconfiguration of security rules on an internal customer support database that was storing user analytics data. In the time period of December 5 – December 31, 2019, anonymized data was accidentally exposed online without proper protections.

The leaked customer support database consisted of a cluster of five Elasticsearch servers, a technology used to simplify search operations, stored as mirrored data

The servers contained roughly 250 million entries, with information such as
  • email addresses
  • IP addresses
  • and support case details

 Microsoft stated that most of the records didn’t contain any personal user information.

Microsoft has begun notifying customers whose data was impacted, asserting that OS maker “found no malicious use” of the data.

Microsoft pointed out that the accidental server exposure is due to misconfigured Azure security rules that were deployed on December 5, 2019.


As of December 31, 2019 Microsoft has the previously exposed database secured. Microsoft states that it is now:

  • Auditing the established network security rules for internal resources.
  • Expanding the scope of the mechanisms that detect security rule misconfigurations.
  • Adding additional alerting to service teams when security rule misconfigurations are detected.
  • Implementing additional redaction automation.

“We want to sincerely apologize and reassure our customers that we are taking it seriously and working diligently to learn and take action to prevent any future reoccurrence. ” ~ Microsoft

How is your state of IT?

Call Us: (201) 493-1414

Related Articles

Microsoft is delaying ending support for older versions of Windows 10 due to Coronavirus
BYOD and Federal Wage Laws
Human Resources Issues You Never Considered with BYOD
Why choose psWorkplace for secure collaboration?
6 Phases to Guide Your Small Business Through COVID-19 Planning and Response
Benefits of letting your employees work from home
Increase in Business Productivity Phishing Scams
The cost of downtime for small business
Our Awards:
IT Support NJ - Reputable highly rated Small Business IT services and tech support company in New Jersey - powersolution industry awards
IT support NJ - Reputable highly rated Small Business IT services and tech support company in New Jersey - powersolution IT industry awards
Scroll to Top