Data for 14 years were available to everyone
Microsoft has admitted that jeopardized the data of 250 million users of its service support and customer service.
Specialists in information security Bob Dyachenko (Bob Diachenko) and Comparitech has discovered a vulnerability in the Microsoft database at the end of 2019 — 29 Dec. Microsoft quickly removed the «hole» in security, developed a hotfix two days later.
The vulnerability allowed to access customer records through Microsoft any standard web browser. Available to everyone the data included records of staff talking with Microsoft customers around the world since 2005. According to Comparitech, the database was not password protected.
Microsoft said in an official statement that no signs of malicious use of the data from the database is detected. Also, Microsoft announced that «most» compromised data «has been edited» with the help of automatic means to remove personal information.