On Wednesday, October 19, Microsoft confirmed that it accidentally exposed information about thousands of customers following a misconfiguration that left an endpoint publicly accessible without any authentication. Microsoft explained in an alert, “This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services.”
Microsoft did not reveal the scale of the leak, but it is believed to have affected over 65,000 entities in 111 countries. The leak constituted 2.4 terabytes of data consisting of invoices, product orders, signed customer documents, and partner ecosystem details. (The Hacker News)
The SensCy team has been monitoring the development of the issue. We have found no evidence that the information leaked was accessed by threat actors before the disclosure. However, we believe it is likely that such leaks could be exploited for malicious purposes, such as social engineering attacks. We also have found no evidence that our clients using Microsoft products have been impacted by the leak. However, we recommend that you monitor any unusual behavior, enforce a password change on accounts using Microsoft’s products, and monitor any upcoming security updates by Microsoft.
Additionally, Microsoft said, “We have focused our attention on directly notifying impacted customers and provided them with instructions for contacting Microsoft with questions or concerns. If you did not receive a Message Center communication, our investigation did not identify an impact to you or your organization.”
If you have any questions or concerns regarding the Microsoft leak and are unsure of the implications for your company, please reach out to SensCy.