Database Misconfiguration, Microsoft Says – What This Means

Yesterday, Ann Johnson, the Corporate Vice President of the Cybersecurity Solutions Group and Eric Doerr, the General Manager of the Microsoft Security Response Center shared a rather serious data breach on the Microsoft Security Response Center blog.

The database misconfiguration occurred between December 5th and December 31st, 2019, the blog post states. It also covered about 250 million conversational records between Microsoft support and customers from 2005 to 2019.

“Our investigation has determined that a change made to the database’s network security group on December 5, 2019 contained misconfigured security rules that enabled exposure of the data. Upon notification of the issue, engineers remediated the configuration on December 31, 2019 to restrict the database and prevent unauthorized access. This issue was specific to an internal database used for support case analytics and does not represent an exposure of our commercial cloud services.”

What does this mean for customers?

There was no shown malicious intent in this data breech. However, the Microsoft Security Response Center is taking every precaution necessary to make sure this doesn’t happen again.

If you are needing assistance with any Microsoft issues, please give us a call at 1-800-620-5285.  Karls Technology is a nationwide computer service company with offices in many major cities.  This blog post is brought to you from our staff at the Arlington Computer Repair Service, if you need computer repair in Arlington, TX please call the local office at (817) 756-6008.

Leave a Reply