Microsoft disclosed a security breach today that took place last month in December 2019. In a blog post today, Microsoft announced an investigation of a misconfiguration of security rules on an internal customer support database that was storing user analytics data. In the time period of December 5 – December 31, 2019, anonymized data was accidentally exposed online without proper protections.
The leaked customer support database consisted of a cluster of five Elasticsearch servers, a technology used to simplify search operations, stored as mirrored data
Microsoft has begun notifying customers whose data was impacted, asserting that OS maker “found no malicious use” of the data.
Microsoft pointed out that the accidental server exposure is due to misconfigured Azure security rules that were deployed on December 5, 2019.
As of December 31, 2019 Microsoft has the previously exposed database secured. Microsoft states that it is now:
- Auditing the established network security rules for internal resources.
- Expanding the scope of the mechanisms that detect security rule misconfigurations.
- Adding additional alerting to service teams when security rule misconfigurations are detected.
- Implementing additional redaction automation.
“We want to sincerely apologize and reassure our customers that we are taking it seriously and working diligently to learn and take action to prevent any future reoccurrence. ” ~ Microsoft