Microsoft discloses security breach of customer support database
Credit:
ZDNet
Microsoft disclosed today a security breach that took place last month in December 2019.
In a blog post today, the OS maker said that an internal customer support database that was storing anonymized user analytics was accidentally exposed online without proper protections between December 5 and December 31.
The database was spotted and reported to Microsoft by Bob Diachenko, a security researcher with Security Discovery. The leaky customer support database consisted of a cluster of five Elasticsearch servers, a technology used to simplify search operations, Diachenko told ZDNet today. All five servers stored the same data, appearing to be mirrors of each other.