Email addresses and IP addresses visible.
Email addresses and IP addresses visible.
Under the title "Access Misconfiguration for Customer Support Database", Microsoft in a new post explains a major security flaw.
The gigantic database was set up incorrectly
A mistake in a database meant that an incredible 250 million customer support inquiries (from 2005 and later) were available to everyone around the world - the only thing needed to access was using a web browser.
Email addresses and IP addresses not password protected
Security researchers discovered the error on December 29. Two days later, Microsoft fixed the error, which they now reveal.
There was an error in the database setup that resulted in the database being outwardly accessible, nor was it password protected. Email and IP addresses were visible and not hidden.
Microsoft has not found that the information available in the timeframe has been exploited for malicious purposes and the company is sorry for the incident.
Original source: Microsoft