Microsoft discloses SECURITY BREACH that took place last month.

Microsoft discloses security breach of customer support database that took place last month.

Microsoft, In a blog post today, said a customer support database that was storing user analytics was “accidentally” exposed online without proper protections last month, between 12-5 and 12-31.

Microsoft blamed the accidental server exposure on misconfigured Azure security rules it deployed on December 5, which it now fixed. Following the leak, Microsoft says it is now:
  • Auditing the established network security rules for internal resources.
  • Expanding the scope of the mechanisms that detect security rule misconfigurations.
  • Adding additional alerting to service teams when security rule misconfigurations are detected.
  • Implementing additional redaction automation.

More at: