Microsoft left 250 million customer service support records exposed for over 3 weeks, and their response was not the level of concern one would hope for.
Not many people can say they haven’t used Word, Excel, or Windows over the last three decades.
But if you’ve made contact with Microsoft support or created a topic on their support forums any time since 2005, your private information may have been exposed.
In fact, more than 250 million customer service and support records were left out in the open on the Internet for 26 days, thanks to a misconfigured server.
According to Bob Diachenko, a cybersecurity researcher who spotted the unprotected database and reported to Microsoft, the logs contained records spanning from 2005 right through to December 2019.
A piece at The Hacker News reported: “Microsoft confirmed that due to misconfigured security rules added to the server in question on December 5, 2019, enabled exposure of the data, which remained the same until engineers remediated the configuration on December 31, 2019.”
And while some personally identifiable information wasn’t visible, according to Diachenko the following types of data were readable by anyone who found it:
- Customer email addresses
- IP addresses
- Descriptions of CSS claims and cases
- Microsoft support agent emails
- Case numbers, resolutions, and remarks
- Internal notes marked as “confidential”
The types of data that were exposed may not be limited to the above.
And while it may seem like this information isn’t ultra-sensitive at first glance, it’s what criminals can do with this information that is frightening:
By having real sensitive case information and email addresses of affected customers in hand, the leaked data could be abused by tech-support scammers to trick users into paying for non-existent computer problems by impersonating Microsoft support representatives.
Thousands of people fall for these types of scams every year. And any scams that leverage the leaked data will be more believable than ordinary scams.
Unfortunately, given the lackadaisical response from Microsoft, it appears egregious cases of private data exposure won’t be stopping anytime soon…
Microsoft Employee Responds: “Mistakes and Leaks Happen!”
You might think Microsoft would be diligent to ensure privacy violations like these wouldn’t happen again.
But according to a 15-year veteran employee of the company, it doesn’t appear that will ever be the case:
Nothing is perfect. Mistakes and leaks happen. Every organization has overly permissive permissions. Every! It’s just a matter of if someone outside the organization discovers it or if someone takes advantage of it.
While Microsoft figures out how to take care of your privacy, it might be a good idea to make the information you have online less valuable to thieves, snoops, and other companies where this “just happens.”
Bottom line, your “private” life is an open book
There are public databases that track your exact location, eating habits, spending habits, your income, your online habits, and many more private parts of your life.
With just a few clicks, a phone call, and a few dollars almost everything someone wants to find out about you can quickly be put together into a complete file.
That’s why I want to tell you about our popular “Go Off the Grid” report, which is your blueprint for living a truly private life.
You will discover:
- How to get your name out of public databases.
- How to make your physical and digital assets invisible to prying eyes.
- Ensure your vehicle ownership is 100% untraceable.
- How to make your wealth completely anonymous.
- How to protect yourself online.
But that’s not all, inside the report you’ll also find the following gems…
- DO THIS NOW: The one thing almost no one does to properly hide their home address, and it has nothing to do with getting a PO Box. (page 4).
- The “privacy veil” you can set up with a few clicks that renders you practically anonymous — and helps you slash your taxes. (page 24)
- Secure your phone number and your calls from snoops and credit agencies in minutes with this “Smart” blueprint. (page 13)
- The secret “shield” that makes your home, car, and other assets practically lien proof. You’ll be able to “set it once and forget it.” (page 16)
- The digital “Ghost” that can protect you online, make your digital footprints disappear, and even save you money on airplane tickets. (page 19)
- And more… including how to legally remove yourself from the banking system.
If you are serious about protecting your privacy from irresponsible companies, the Government, and other snoops, then you don’t want to miss this valuable report…
To living privately,
Location Independent Entrepreneur
P.S. In 2016 Microsoft violated the law by vacuuming up personal data of Office users without their permission. It violated Dutch privacy laws again in 2017 with its Windows operating system. Who knows when they’ll do it again?
Get my special report today and learn how to go completely “off the grid,” without having to move out to a cabin in Montana. In fact, you won’t even have to leave your couch.